Information Security Officer

Posted · Add Comment
ctechny.com
Published
January 7, 2021
Location
New York, New York
Category
Job Type

Description

The Information Security Manager will be expected to interface with staff and management across all levels of the Information Technology department, as well as with internal business Leadership and external Clients on a regular basis.

Responsibilities:

  • Provide technical project leadership for firm-wide Information Security programs spanning multiple quarters/years pertaining to cyber security and related security protection.
  • Create and maintain the firm’s security architecture design, awareness training program, and security documentation (i.e. policies, standards, baselines, and procedures)
  • Act as project management lead for security projects, as well as interact with Project Management resources for larger projects, as needed
  • Oversee the deployment, integration, and initial configuration of all new security solutions and any enhancements to existing security solutions in accordance with established best practices and standards
  • Identify, propose, and acquire new security solutions or enhancements to existing security solutions to improve the firm’s overall security stance by following existing procurement processes
  • Act as the first level escalation point for all security-related incidents, events, and day-to-day security operations
  • Act as the first level escalation point for all security-related incidents, events, and day-to-day security operations
  • Participate in the creation and maintenance of the firm’s Business Continuity and Disaster Recovery Planning, where appropriate
  • Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat outbreaks
  • Ensure the confidentiality, integrity, and availability of the data residing on or transmitted through the firm’s systems, applications, databases, and any other data repositories
  • Drive the adoption of published IT security policies, standards, and procedures across the firm
  • Supervise the design and execution of vulnerability assessments, penetration tests, and customer driven security audits
  • Oversee the remediation efforts of vulnerability findings resulting from internal and external vulnerability scans and penetration tests

Requirements:

  • Qualified applicants should have current experience across a broad spectrum of data security disciplines
  • Minimum of 2 years' experience managing information security staff/teams responsible for cyber security
  • Minimum of 4 years' experience as an information security professional with advanced experience developing, documenting, and driving adoption of information security standards and procedures
  • Minimum of 2 years of advanced knowledge of security standards and frameworks
  • Minimum of 2 years of experience implementing and executing security incident response
  • Strong background with firewall products, intrusion detection systems, DMZ, IPSec, DNS, SMTP, HTTP proxies, etc.
  • Knowledge of security best practices across multiple platforms, such as Microsoft Windows, VMWare, Citrix, and Cisco IOS
  • Knowledge of public-key cryptography, understanding of encoding, encryption, and hashing techniques
  • Exceptional customer service, verbal and written communication skills are required
  • Candidate should be able to effectively interact with all levels of staff and executive C-level management
  • Bachelor’s degree from an accredited university in CS, IT, CIS, a computer related field, or equivalent work experience
  • Possession of CISSP, GIAC, CEH, Security+ or other security related certification is a plus
  • Experience within the legal, financial, insurance, and/or healthcare industry is a plus
  • Hands-on knowledge working with Atlassian JIRA Software - Project and Issue tracking is a plus

Related Jobs

Security Operations Manager   New York, New York new
January 25, 2021