Manager, Information Security - Hybrid, Pittsburgh, PA (candidates must be local to Pittsburgh, PA)

US-PA-Pittsburgh

Req #: 21716
Type: Full-Time

A.C. Coy

Overview:

Location: Hybrid - Pittsburgh, PA (candidates must be local to Pittsburgh, PA)

Job Type: Full Time/Permanent

Work Authorization: No Sponsorship 

A.C. Coy has an immediate need for a Manager of Information Security for a full-time opportunity.

Responsibilities:

* Collaborate closely with various Technology teams and Firm leadership to inspire, mentor, and cultivate the skills of the security team members, fostering a high-performance environment
* Develops and maintains information security policies, procedures and training, and advises the various departments in adhering to them
* Leads the ongoing ISO 27001/27701 lifecycle and manages the relationship with our consulting team to ensure security operations compliance
* Provides expert opinions and leadership over existing technical threats and advises on how to mitigate them or identify them as acceptable risks
* Oversees vulnerability scanning and remediation programs
* Establishes and oversees security metric investments and risk trending dashboard
* Oversees and/or assists in performing on-going security monitoring threat avoidance analyses
* Manage relationships with security managed service providers and continuously develop their capabilities
* Analyzes new systems (hardware and software) and provides recommendations concerning their security
* Coordinates the development of an ongoing information security awareness program to ensure that employees are aware of threats and how to help ensure privacy of data
* Provide responses to client security audits/questionnaires/RFPs
* Maintains appropriate security measures and mechanisms to guard against unauthorized access to electronically stored and/or transmitted client data and reasonably protect against anticipated threats and hazards
* Ensures compliance through adequate training programs and oversight of periodic internal and 3rd party security audits
* Assesses audit results and partners with staff to create pragmatic action plans
* Monitors execution and completion of action plans
* Provides technical guidance and training to information owners and designs and implements programs for user awareness, compliance monitoring and security compliance.
* Develops and maintains an ongoing risk assessment program targeting information security and privacy matters
* Active participant in Information Security and serves as Technology leader for incident response
* Serves as primary contact for Technology incident responses

Qualifications:

Education: Bachelor's Degree or equivalent experience

* 8+ years of experience working within an Information Security related field
* 3+ years of experience managing a team of technical security engineers 
* One or more of the following certifications strongly preferred: CISSP, CISM; matriculating candidates considered
* Strong understanding of various security frameworks: ISO 27001/ISO 27701 and SOC
* Working knowledge of EDR, Vulnerability Scanning, Firewall, Proxy, PAM/PIM, SIEM and other security-related technologies
* Ability to understand technical implications of security threats and prioritize risk
* Willingness to travel to other offices as required
			