Union Trust Building 501 Grant St , Ste 200
| Work from home flexibility
Job Category: Infrastructure
Job Number: 6660
We are searching for a Manager of Information Security for our corporate Pittsburgh, PA office. This position will be responsible for the new development and oversight of a comprehensive information security and privacy program. The Manager of Information Security will function as an internal information security consultant regarding technology and processes.
- Reporting to the Director – Information Technology and working with other IT teams and leadership, the Manager will develop and maintain information security policies, procedures and standards and advise the various departments and practice groups in adhering to them.
- Provides expert opinions on existing technical threads and advice on how to mitigate or identify as acceptable risks.
- Oversees vulnerability scanning and remediation programs.
- Oversees and/or assists in performing on-going security monitoring threat avoidance analyses.
- Manages relationships with security managed service providers and continuously develop their capabilities.
- Analyzes new systems (hardware and software) and provides recommendations concerning their security.
- Coordinates the development of an ongoing information security awareness program to ensure that employees are aware of threats and how to help ensure privacy of data.
- Provides the responses to client security audits/questionnaires/RFPs.
- Provides management with up-to-date information on the different threats and security vulnerabilities that the organization may face.
- Maintains appropriate security measures and mechanisms to guard against unauthorized access to electronically stored and /or transmitted client data and reasonably protect against anticipated threats and hazards.
- Ensures compliance through adequate training programs and oversight of periodic internal and 3rd party security audits. Assesses audit results and partners with staff to create pragmatic action plans. Monitors execution and completion of action plans.
- Provides technical guidance and training to information owners and designs and implements programs for user awareness, compliance monitoring and security compliance.
- Develops and maintain an ongoing risk assessment program targeting information security and privacy matters.
- Partners with Information Technology managers to develop and maintain best practices and policies for security of all internal systems.
- Actively participates in Information Security and serves as Information Technology owner for incident responses. Serves as primary contact for Information Technology incident responses.
- Performs other work-related duties as assigned.
Skills and Requirements:
- Experience working in an information security related field.
- Experience managing a team of technical security engineers.
- Must have 1 or more of the following certifications: CISSP, CISM, CEH, CIPP; matriculating candidates considered.
- Strong knowledge of security implications involving Microsoft, Cisco, Unix/Linux and other market leaders in technology solutions, including mobile devices.
- Solid understanding of various security frameworks; ISO27001/NIST.
- Working knowledge of EDR, Vulnerability Scanning, Firewall, Proxy, SIEM and other security-related technologies.
- Excellent listening skills and written and oral communication skills, including effective presentation skills.
- Ability to relate to non-technical users in user-friendly language.
- Ability to understand technical implications of security threats.
- Ability to manage multiple concurrent objectives or activities and effectively make judgments in prioritizing and time allocation in a high-pressure environment.
- Ability to gauge one’s strengths and limitations.
- Ability to deal with changes and adapt to a changing environment.
- Must demonstrate the ability to maintain strict confidentiality of the internal and personnel affairs.
- Ability to work well with others, harness different skills and experience and build a strong sense of team spirit.
- Highly self-motivated and directed.
- Ability to work in a multi-office environment and willingness to travel to other offices as required.
The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
Share This Job:
Login to save this search and get notified of similar positions.