Find The Best Information Security Manager Jobs For You

Where do you want to work?

0 selections

Information Security Manager

Digitalmindstech.com
Bethesda, MD
Opens new tabopen new tab
Here are top 5 Skills for this role:

• Understanding, experience and ability to translate at least one industry security standard / framework including NIST CSF, NIST 800-53, ISO27001, CSL and PCI DSS to IT and Digital product teams
• Strong negotiating, influencing and problem resolution skills in a high-pressure environment
• Experience with securing cloud environments (AWS, Google, Microsoft, Alibaba, etc.)
• Ability to apply organizational information security policies at a product & platform squad level
• Experience working in Agile environment

Job Description:

Manager, Information Security - Business Information Security Partner (BISP) Manager

JOB SUMMARY:

Support the Business Information Security Partnership (BISP) Directors within Global Information Security (GIS) organization and their assigned products & platforms, while serving as the trusted advisor. The BISP Manager role will support the BISP and liaise on a tactical level between the product & platforms teams and Global Information Security (GIS), keeping clear lines of communication including but not limited to; transparency to the product & platforms on upcoming security initiatives, reporting of security risks to product & platform leader, and the GIS sub-functions. In addition, this role will ensure business compliance with the GIS Policy and Standards while continuously monitoring and reporting on risks and documented exceptions.

In supporting the BISP Directors, the incumbent will use their experience and knowledge of information & cyber security as well as their process management, negotiating, influence and problem-solving skills to understand security technology lifecycles and objectives; further, to translate them into mutually beneficial business strategies for their product & platforms clients.

CANDIDATE PROFILE

Education and Experience
Required:
• 5+ years relevant work experience including:
o 3 years' in information security that includes security program management, metrics capture and analysis and technology expertise.
o 2+ years' supporting the design and implementation of information security programs
o 2+ years' supporting implementing enterprise security risk management frameworks and processes
• Bachelor's degree in Computer Sciences or related field or equivalent experience/certification
Preferred:
• Experience with securing cloud environments (AWS, Google, Microsoft, Alibaba, etc.)
• Experience working in Agile environment
• Knowledge of DevSecOps application security
• Understanding and experience with at least one industry security standard / framework including NIST CSF, NIST 800-53, ISO27001, CSL and PCI DSS
• Understanding of key network and technical security controls
• Knowledge of global regulatory standards to include GDPR, CCP, etc.
• Ability to demonstrate security experience via certifications (Security +, CISSP, CISA, CRISC, CISM, etc.) or significant career accomplishments in technology
• Ability to apply organizational information security policies at a product & platform squad level
• Strong negotiating, influencing and problem resolution skills in a high-pressure environment
• Knowledge of business environment, service requirements and hospitality culture
New
3d ago
Opens new tabopen new tab

Information Security Manager CIVP8

Avantus
Arlington, VA
Avantus Federal, a NewSpring Holdings Company, is a mission-focused services and solutions company headquartered in McLean, VA. Drawing upon its heritage companies' histories of consistent growth and high performance in the federal services market, Avantus ensures eminence is earned, sustained and grown.

Avantus' services and solutions are designed, tailored, and executed based on our long history of helping our Homeland Security, Defense, Intelligence, and Federal Civilian customers solve complex challenges. Our capabilities include Project & Portfolio Management, Facilities, Acquisition & Sustainment, Systems Engineering Technical Services, Operations & Analysis, Transformation & Advisory Services, Data & Software Solutions, Digital Innovation, and Augmented Intelligence.

Avantus is actively looking for a Senior Manager to lead an Information Security team for a client within the Department of Justice. This role has the critical responsibility acting both as a subject matter expert for a large Agile development effort as well as leading a team of information security analysts.
Responsibilities Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information. Ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure. Provides technical/management leadership on major tasks or technology assignments. Establishes goals and plans that meet project objectives. Has domain and expert technical knowledge. Directs and controls activities for a client, having overall responsibility for financial management, methods, and staffing to ensure that technical requirements are met. Required Qualifications Experience leading information security teams Agile software development experience 12+ years of Federal and/or contractor experience in relevant fields Top Secret clearance Bachelors degree in a relevant field #AvantusClearedJob Per Executive Order (E0 14042) proof of COVID-19 vaccination is required prior to your start date. Preferred Qualifications Masters degree in a relevant field Understanding of the federal law enforcement environment CISSP, and/or ITIL certifications Ability to obtain a TS/SCI or higher clearance Company EEO Statement Avantus Federal is an equal opportunity employer and Vietnam Era Veterans Readjustment Assistance Act (VEVRAA) federal contractor. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity, protected veteran status, status as a qualified individual with a disability, or any other category protected by law. Avantus hires and promotes individuals solely on the basis of their qualifications for the job to be filled.
New
3h ago

Manager, Information Security Training and Awareness

Novavax Inc.
Gaithersburg, MD
If you find science, speed, and success exhilarating, you have come to the right place.

Novavax, Inc. (Nasdaq: NVAX) is a biotechnology company that promotes improved health globally through the discovery, development, and commercialization of innovative vaccines to prevent serious infectious diseases. Novavax is currently conducting multiple late-stage clinical trials for NVX-CoV2373, our vaccine candidate against the virus that causes COVID-19, and has recently reported exciting and highly encouraging initial efficacy results. NanoFlu, our quadrivalent influenza nanoparticle vaccine, met all primary objectives in its pivotal Phase 3 clinical trial in older adults. Both candidate vaccines incorporate Novavax' proprietary saponin-based Matrix-M adjuvant to enhance the immune response and stimulate high levels of neutralizing antibodies. Novavax is a leading innovator of recombinant vaccines. Our proprietary technology platform leverages the power and speed of genetic engineering to efficiently produce highly immunogenic nanoparticles in order to address urgent global health needs.

Novavax, Inc. is headquartered in Gaithersburg, Maryland with additional facilities in Uppsala, Sweden and Bohumil, Czech Republic.

We are seeking a highly skilled and experienced Manager for the Information Security Training and Awareness area. With a strong work ethic and a self-starter mindset, you will have a demonstratable history of creating and maturing training and awareness programs.

Responsibilities include but are not limited to:

* Own, develop, and mature the Security Training and Security Awareness Program
* Work with external vendors for training content creation and with the internal Communications Team
* Create, update, and deliver security awareness initiatives and content across various audiences using available tools and channels
* Maintain the security training and awareness programs charter, roadmap and strategy
* Authoring, revising, partnering with others on communications to promote security initiatives and announcements
* Implementing large scale programs and influencing decisions that work to improve the company's overall security posture
* Security presentations, publications, and industry collaboration
* Cross-functional collaboration
* Producing KRI's and KPI's
* Manage Abuse Inbox
* Collaborate with internal teams to understand vulnerabilities and remediation path for user vulnerabilities
* Run internal security campaigns and provide metrics for continuous improvement
* Oversee all security projects and security portfolio
* Manage security budgets
* Track and maintain open positions, assist with scheduling and vetting as needed
* Work directly with VMO / Vendors to ensure purchasing process runs smooth
* Help validate IT training assignments to ensure effective learning assignments
* Work with IT teams to ensure appropriate IT training is procured, assigned and taken by individiuals
* Ensure that the correct GxP and non-regulatory training is consumed
* Work with various teams to ensure that training across the corporation is valid
* Work with various teams to ensure that as we go through a digital transformation there is tool specific training available and delivered via various methods

Minimum requirements:

* Team-centered mindset
* Strong collaboration skills
* Proven ability to track and critique metrics related to the training and awareness programs
* Proven ability to create and teach a strong cyber security culture
* Proven ability to lead a CISO communication strategy in collaboration with corporate communications
* Experience working with Learning Management Systems, including SCORM-based content
* Proven desire to learn and keep updated with an ever-changing threat landscape
* Prior experience with DoD standards and certifications such as CMMC is a plus
* IT or training certifications are a plus
* Previous work in a GXP-regulated environment is a plus
* College degree

Novavax is headquartered in Gaithersburg, Maryland with additional facilities in Uppsala, Sweden and Bohumil, Czech Republic. Novavax is traded on the Nasdaq Stock Market under the symbol NVAX and is dedicated to developing novel vaccines to address infectious disease.

Novavax offers a base salary, annual bonus, equity grants, professional career development/growth opportunities, and a comprehensive benefits package including medical, dental, vision, Rx, STD, LTD, Life, Optional Life, 401(k) plan.

Equal Opportunity Employer/Veterans/Disabled

Novavax is an equal employment opportunity employer. Employment and advancement opportunities are available to all individuals on an at-will basis, regardless of their race, color, national origin, religion, ancestry, citizenship status, military or veteran status, sex, sexual orientation, gender identity or expression, age, marital status, family responsibilities, pregnancy, disability, genetic information, protective hairstyle, or any other characteristic protected by applicable federal, state, or local law.

#LI-SH1

#LI-Remote
13d ago

Information Security Manager CIVP8

E3 Federal Solutions
Arlington, VA
Avantus Federal, a NewSpring Holdings Company, is a mission-focused services and solutions company headquartered in McLean, VA. Drawing upon its heritage companies' histories of consistent growth and high performance in the federal services market, Avantus ensures eminence is earned, sustained and grown.

Avantus' services and solutions are designed, tailored, and executed based on our long history of helping our Homeland Security, Defense, Intelligence, and Federal Civilian customers solve complex challenges. Our capabilities include Project & Portfolio Management, Facilities, Acquisition & Sustainment, Systems Engineering Technical Services, Operations & Analysis, Transformation & Advisory Services, Data & Software Solutions, Digital Innovation, and Augmented Intelligence.

Avantus is actively looking for a Senior Manager to lead an Information Security team for a client within the Department of Justice. This role has the critical responsibility acting both as a subject matter expert for a large Agile development effort as well as leading a team of information security analysts.

+ Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information.

+ Ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure.
+ Provides technical/management leadership on major tasks or technology assignments.

+ Establishes goals and plans that meet project objectives. Has domain and expert technical knowledge.

+ Directs and controls activities for a client, having overall responsibility for financial management, methods, and staffing to ensure that technical requirements are met.

+ Experience leading information security teams

+ Agile software development experience

+ 12+ years of Federal and/or contractor experience in relevant fields

+ Top Secret clearance

+ Bachelors degree in a relevant field

+ #AvantusClearedJob

+ Masters degree in a relevant field

+ Understanding of the federal law enforcement environment

+ CISSP, and/or ITIL certifications

+ Ability to obtain a TS/SCI or higher clearance

Avantus Federal is an equal opportunity employer and Vietnam Era Veterans Readjustment Assistance Act (VEVRAA) federal contractor. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity, protected veteran status, status as a qualified individual with a disability, or any other category protected by law. Avantus hires and promotes individuals solely on the basis of their qualifications for the job to be filled.

Req #: 2021-7195

External Company URL: https://avantusfederal.com/

Telecommute: Yes
58d ago

Cyber and Information Security New Graduate positions

The Mitre Corporation
Bethesda, MD
Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges-and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day-working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities, and a culture of innovation that embraces diversity, inclusion, flexibility, collaboration, and career growth. If this sounds like the choice you want to make, then choose MITRE-and make a difference with us.

You are not applying for a specific position. Applying to this pipeline requisition will put you in a candidate pool that will be viewed by technical leaders and recruiters for opportunities across the company.

MITRE's mission is to build a safer world: At MITRE, everything we do is in the public interest; many of the complex problems we work on are a matter of life or death, and that means keeping our nation secure, helping our people to stay healthy, promoting government stability, and leveling the playing field against nefarious cyber attacks against our nation's critical infrastructure, national security systems, and individuals.
What will I do?

Working alongside MITRE engineers, on teams or in labs, MITRE Cybersecurity New Grads will help design, develop, and implement solutions and technologies to enhance the security and resilience of our nation's cyber infrastructure community interests, enabling mission and operational success.

As a part of a bigger community, you will solve different kinds of problems for different government agencies (DoD, NIST, Homeland Security, FAA and CMS; to name a few), and serve community interests. This will help you understand how your solutions fit in context of real-world scenarios with a breadth of capability areas.

At MITRE, mastery comes through collaboration with a diverse team of cyber professionals who mentor and challenge you in your own pursuit of excellence. From design to operations, you will learn to apply security engineering expertise, innovative concepts, and technology solutions on a variety of projects to address every facet of our sponsor's cyber challenges in three key strategic areas: threat-based security operations, threat-based engineering and design, and security of evolving and emerging technologies.

Why is the MITRE a good place to start your career?

You will be exposed to those with world-class expertise, innovation, and thought leadership to protect the platforms and information technology systems of our government sponsors as well as broader community interests.

What cybersecurity areas could you work at MITRE?

+ Cyber Resilience

+ Detection and Response

+ Mobile Security

+ Cloud Security

+ Risk Management Frameworks

+ Situational Awareness

+ Threat Emulation

+ Digital Forensics

+ Security Automation

+ Security Architectures

+ Policy and Governance

+ Privacy Engineering

+ Cyber Operations

What else do you need to know?

That MITRE values your work-life balance by offering 21 days of paid-time off plus flexible work schedules, civic time, sabbaticals, and parental leave. In addition, you will enjoy such benefits as our generous retirement matching, education loan repayment program, educational assistance programs, the MITRE Institute, and more. For more information about our award-winning workplace, see mitre.org/careers/working at MITRE.

Minimum Qualifications:

+ BS in cybersecurity, computer science, computer or electrical engineering, or related fields. In some cases, high school students may be considered.

+ Applicants selected for this position may be subject to a government security investigation.

+ Knowledge of cyber security principles and their application

+ Ability to work with others to solve challenging technical problems.

Preferred Qualifications:

+ Masters or PhD in cybersecurity, computer science, computer or electrical engineering, or related fields.

+ Demonstrated knowledge with a variety of security and information assurance disciplines.

+ Basic knowledge of cyber security principles, tools and devices.

+ Excellent communications, writing, and briefing skills

+ Experience working with design recovery, software analysis, and/or reverse engineering tools

+ Proficiency in one or more of the following--Java, Python, XML, HTML, C#, Objective C; Database design & development including SQL, hardware, or networking protocols.

+ Have cyber related experience gained from academic study and/or related intern/coop work

+ Sustained excellence in academic performance

+ High level desire to help the USA solve its most critical problems

+ Exhibits the characteristics of a continuous learner

Additional Information

+ We are seeking Interns candidates at many MITRE locations. Remote opportunities may also available. We are committed to trying to find the best location for you!

+ Clearance: Hiring requisitions for some roles may require a U.S. Government Security clearance.

This requisition requires the candidate to have a minimum of the following clearance(s):

This requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s):

Salary compensation range and midpoint:

$79,500 - $95,500 - $114,600 Annual

MITRE requires all employees to be fully vaccinated against COVID-19. Newly hired employees must be fully vaccinated prior to their employment start date. MITRE will provide reasonable accommodation to those with a medical condition, disability or a sincerely held religious belief that prevents them from receiving a vaccine so long as it does not create an undue hardship for MITRE and/or does not pose a direct threat to the health or safety of the employee or others in the workplace.

MITRE is proud to be an equal opportunity employer. MITRE recruits, employs, trains, compensates, and promotes regardless of age; ancestry; color; family medical or genetic information; gender identity and expression; marital, military, or veteran status; national and ethnic origin; physical or mental disability; political affiliation; pregnancy; race; religion; sex; sexual orientation; and any other protected characteristics. For further information please visit the Equal Employment Opportunity Commission website EEO is the Law Poster (https://www.eeoc.gov/sites/default/files/migrated\_files/employers/poster\_screen\_reader\_optimized.pdf) , EEO is the Law Poster-Supplement (https://www.eeoc.gov/sites/default/files/migrated\_files/employers/eeoc\_gina\_supplement.pdf) and Pay Transparency (https://www.dol.gov/sites/dolgov/files/OFCCP/pdf/pay-transp\_%20English\_formattedESQA508c.pdf) .

MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE's employment process, please contact MITRE's Recruiting Help Line at 703-983-8226 or email at recruitinghelp@mitre.org.

Copyright © 1997-2021, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.

Benefits information may be found here (https://careers.mitre.org/us/en/benefits)
23d ago

Information Security Manager - TS/SCI - Ft. Meade/ Fairfax, VA

General Dynamics Information Technology
Springfield, VA
**Type of Requisition:** Regular

**Clearance Level Must Be Able to Obtain:** Top Secret/SCI

**Job Family:** Information Security

**Information Security Manager**

**TS/SCI**

**Ft. Meade/ Fairfax, VA**

Please take this opportunity to join one of GDIT's fastest long-standing growing programs! US Battlefield Information Collection and Exploitation System eXtended (US BICES-X) is a cutting edge program supporting DoD intelligence information sharing on current and emerging global threats to mission and coalition partners and emerging nations. With an internationally dispersed team supporting each combatant command, the US BICES-X team is in direct support of the war fighter and their missions. We are seeking a creative and driven professional with a passion for solving real world issues on a cross-functional, fast-paced team.

As the Information Security Manager your role is manage the Information Security Management function for the US BICES program. The Information Security Manager will provide line management, leadership and strategic direction for the function and liaising closely with other managers. In addition this role identifies potential security risks, recommends mitigation measures and implements remediation measures.

**Responsibilities:**

**Strategy & Planning**

+ Determines enterprise information security standards.

+ Develops and advises on the implementation of information security standards.

+ Provides tactical and strategic information security advice and examining the ramifications of new technologies.

+ Performs all procedures necessary to ensure the security of information systems assets and to protect systems from intentional or inadvertent access or destruction.

+ Ability to provide an independent assessment and ensure security controls are implemented correctly, operating as intended, and are producing the desired outcome.

+ This position requires interaction with customers within the Mission Partner Capabilities Office community

+ Maintains current knowledge of relevant technology as assigned.

+ Completes weekly and monthly reporting requirements.

**Operational Management**

+ May serve as a focal point of contact for the information security team and the customer/organization.

+ Advises on physical security, disaster recovery, and data backup systems.

+ Manages security audits and vulnerability and threat assessments, and directing responses to network or systems intrusions

+ Ensures that all information security systems are functional and secure.

+ Provides training to information security personnel.

+ Assesses current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement.

+ Communicate information security goals and new programs effectively with other managers.

+ Participates in special projects as assigned.

+ Participates in change management process, assessing security impact of proposed changes.

+ Designs and recommends security policies and procedures.

+ Manages information systems authorizations using eMASS.

**Qualifications**

**Required Qualifications:**

+ 10+ years of IT experience with at least 5+ years Cyber Assurance experience.

+ Must have working knowledge of DOD Risk Management Framework (RMF)

+ Must meet DOD 8750 requirements and be eligible for IAM level II access upon hire for positions with elevated privileges and must obtain ITIL V4 Foundation within six months of hire. Additional specific certifications may be required, depending on job assignment.

+ Must possess and maintain a Top Secret/SCI Security Clearance.

+ BA/BS or the equivalent combination of education, technical training, or work/military experience.

+ Ability to work in a team-oriented, collaborative environment.

+ Ability to work efficiently in a fast-paced environment and multi-task while still ensuring high quality of work

+ Highly organized with strong ability to prioritize work and work autonomously

+ Excellent verbal and written communication skills

+ Great attention to detail and presentation

+ Results driven, highly efficient, energetic and highly motivated

+ Must possess a high degree of intelligence, competence, maturity, adaptability, resilience, integrity and initiative

+ The work is typically performed at client site locations, which requires proper safety precautions; work may require some physical effort in the handling of light materials, boxes or equipment.

**Preferred Qualifications:**

+ CISSP certification preferred.

+ Information Security Management experience

+ Knowledge with Virtualization technologies: VMWare, Citrix, and Microsoft

+ Familiarity of concepts such as DevOps, Infrastructure as Code, Software Defined Data Center, Continuous Deployment, and Continuous Integration desired.

+ Knowledge with Network level: WAN and LAN connectivity, routers, firewalls, and security internal systems, cloud and network infrastructure

+ Experience with firewalls and firewall rule sets

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
34d ago

Information Security Manager

EJ
Remote or East Jordan, MI
EJ has an immediate opening for an Information Security Manager. Generous Benefit Package that includes: Vacation & Holiday Pay, Medical, Dental, Vision, Employee Assistance Program, Wellness Program, 401K (with match), Life Insurance, etc. About EJ: We are the leader in the design, manufacture, and distribution of access solutions for water, sewer, drainage, telecommunications, and utility networks. We have a presence worldwide and our corporate headquarters is in East Jordan, Michigan. The core strength of our business is our dedicated employees. Employees who embrace our values, understand the importance of relationships, and strive for excellence. Our values, which have been passed down for generations, are the essence of our company's identity and our guide for making decisions. Core values at EJ include, safety and security, honesty and integrity, environmental responsibility, respect for others, quality and excellence, and social responsibility. EJ is a family-owned company and remains one of the most stable, progressive, well-tooled manufacturing companies in the world. Location: This position reports to the corporate office located in East Jordan, MI. The right candidate for this position could have the option to work remotely from anywhere in the world, with some travel required. SUMMARY The Information Security Manager is a critical member of the Information Security and Privacy Leadership (ISPL) team. This position is an interface between the Chief Information Officer's (CIO) strategic and process-based security activities and the work of the technology focused analysts, engineers and architects in the IT and OT organizations. This role provides strategic, architectural, operational, and technical support to the global information security program; and is considered a global technical resource for regional IT and OT Departments to assure the consistent implementation of global security controls. The Information Security Manager is also responsible to help monitor EJ regional information systems for access control violations/intrusion detection, cybersecurity problems and malware issues, as well as assist with recovery from access control violations, malware attacks and cybersecurity attacks. ESSENTIAL DUTIES AND RESPONSIBILITIES include the following. Other duties may be assigned. * Promotes security and safety awareness, accident prevention, and employee involvement with regard to a safe work environment. Ensures employees have an understanding of the security and safety expectations of the organization. * Promotes the company culture, the mission and vision, and the core values of the company. * Must be able to translate the IT and OT risk-based requirements and constraints of the business into technical control requirements and specifications, as well as develop metrics for ongoing performance and management. * Coordinates the IT and OT organization's technical activities to implement and manage the company global security infrastructure and provides regular status and service-level reports to management. Strategic Support * Administer and propose changes to the Company Information Security and Privacy Program. Major components of the program include policies, security and privacy awareness training, technical system controls and audits. * Experience with the CIS security controls and control assessments to help assure all appropriate risks are minimized and controls implemented in both the IT and OT environments. * Work with the CIO and regional IT and OT Departments to identify areas of high security and privacy risk and propose appropriate policies, training and controls to the Information Security and Privacy Department. * Identify opportunities to both improve and simplify global information technology security management, including reducing the number of and variety of dissimilar technology platforms. Architectural/Engineering Support * Work with the regional IT and OT Departments to assure that security measures are built into all internal, interfaced and third-party systems housing confidential/private data. * Document where security policies are not 100% attainable. Work with the regional IT and OT departments to manage these exceptions and create plans and processes to eliminate the exceptions where appropriate. * Work with the global IT and OT Departments to assure proper implementation of security controls, and schedule audits where compliance is suspect. * Conduct audits of security policies and vulnerability tests of security controls and make recommendations for improvements. Validate that each region has properly implemented the security program. * Conduct cyber security tabletop exercises with IT and OT. * Work with global IT and OT teams on disaster recovery and resiliency planning and testing. * Research, evaluate, design, test, recommend or plan the implementation of new information security hardware and software, and analyze its impact on the existing environments; provide the technical and managerial expertise for the administration of security tools. * Provide assistance to the regional IT and OT Departments with the configuration and operation of the various information technology system for a highly secure environment to meet all global security and privacy legal compliance requirements. Operational Support * Monitor the company execution of the security and privacy program to validate that the program is implemented and processes are completed as outlined and scheduled in the security policies; or recommend policy changes. * Proactively monitor global system reports for access control violations/intrusion detection, cybersecurity problems and malware issues. * Actively work with global regions on complex incident detection, troubleshooting, resolution and recovery, and reporting from access control violations, malware attacks and cybersecurity attacks. * Maintain a knowledge base for information security topics, such as security advisories and alerts for IT, OT, and the general employee population. * Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies. Security Liaison * Assist personnel and IT and OT Departments in understanding and responding to security issues and security audit concerns. * Work with various global department leaders, including IT, OT, HR, and Finance, to educate them on security risks and necessary controls and to identify new risks and appropriate controls. * Monitor all security incidents to validate that each global region has completed all steps for all incidents, including post-incident reviews and follow-up steps. Actively participate in incidents to assure that lessons learned from other incidents are shared throughout the organization and are properly documented for global sharing. * Keep abreast of security alerts by information system vendors, government agencies (such as CISA), professional associations and other organizations as needed, communicate the alerts as appropriate, and make recommendations of precautionary steps. * Keep abreast of global information security and privacy regulatory changes and make appropriate policy, training, and control recommendations to the ISPL to meet legal requirements. * Work with the CIO, IT and OT Departments, and ISPL to develop, report and monitor a security performance dashboard to be used by the ISPL and global regions. * Be the global consolidator and disseminator of technical expertise on security capabilities of various security and privacy technologies to assure consistent global implementation of security controls. The following is a non-comprehensive list of some of these technologies: * All network equipment (firewalls, routers, switches); all server, database, SAN and endpoint operating systems, server, application, and database resiliency. * Security applications: Intrusion detection and prevention, access controls, CASB, virus protection, spyware, adware filtering, web site blocking, DLP systems etc. * Ability and experience to successfully use key technologies for security purposes. QUALIFICATIONS To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. EDUCATION and/or EXPERIENCE Bachelor's degree (B.A. or B.S.) from a four-year college or university, several years of related IT and OT cyber security experience and security certifications desired. Appropriate security certifications include the following: CISM, CISSP, CISA, CRISC. Microsoft technologies certifications: Azure and Defender. OTHER SKILLS AND ABILITIES * Spoken and written English language proficiency required * Spoken and written French language proficiency desired * Expertise in leading project teams and developing and managing projects * Ability to collaborate and facilitate action with different IT and OT organizations who do not directly report to this position * Ability to clearly present ideas to Company Leaders or other IT Department members * Strong analytical skills * Excellent verbal, written, and interpersonal communication skills PHYSICAL DEMANDS The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to sit and use hands to finger, handle, or feel. The employee frequently is required to talk or hear. The employee is occasionally required to stand; walk; reach with hands and arms; climb or balance; and stoop, kneel, crouch, or crawl. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision, color vision, and ability to adjust focus. WORK ENVIRONMENT The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is occasionally required to be in the manufacturing environment and to be exposed to moving mechanical parts, extreme heat, and risk of electrical shock. These exposures are limited and are secured through proper safety precautions such as proper PPE and other safety policies. The noise level in the work environment is usually moderate, although there is an occasional need to work in the manufacturing environment, where noise levels are increased. In such cases, proper PPE, such as hearing protection, is required. TRAVEL Overnight and international travel required. Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
19d ago

Manager, Information Security

Commvault
Remote
Commvault is a worldwide leader in delivering backup and recovery for the progressive enterprise. Commvault enables you to protect, manage, and use your data, while managing it in a consistent, compliant way. Our automated solutions work on-prem and in the cloud, and work with the digital tools and procedures you're already using. Keep your data accessible and actionable with a single solution that ensures your data is always available - no matter what.
JOB DESCRIPTION: Commvault is seeking a hands-on information security manager who will be responsible for growing our incident response (IR) and threat intelligence capabilities and overseeing daily activities and related operations. You will also be driving adoption and evaluation of cybersecurity platforms, threat monitoring and reporting, incident response tool, enhancing IR operations. You will be leading a growing global team and multiple centers of operations.*** This position can be based remotely anywhere in the US *** Position Responsibilities Develop and drive cybersecurity initiatives related to incident response, threat intelligence, vulnerability management, monitoring and reporting tools - to continuously improve and expand capabilities. Responsible for operationalizing incident response. Lead technical efforts during a critical incident Ensure Security Operations tools are effectively utilized and operating, identify gaps in process or procedure and implement new solutions accordingly. Monitor key performance indicator (KPI) metrics; track and report on performance; provide reporting to senior management on performance. Drive gathering of forensics and evidence Will require hands on work with team to help resolve incidents Stay abreast of industry trends and changing threat landscape and review technologies/services and make recommendations to continuously improve our capabilities Design, recommend/drive implementation and maintain procedures and controls necessary to ensure and protect the safety and security of all information system assets within the organization, including prevention of intentional or inadvertent access, modification, disclosure, or destruction of critical data Develop and maintain effective relationships with IT and product teams throughout the company to coordinate efforts to protect critical systems and processes Communicate vertically and horizontally to keep stakeholders informed and involved on Security Operations matters Position Requirements 10+ years of experience in information security. 5+ years of hands-on SOC experience. Demonstrated success in managing IR/threat management/intelligence teams and growing the team and its capabilities over time Experience securing both IT and OT environments. Ability to respond to critical incidents 24x7. Demonstrated project management skills, specifically managing multiple, concurrent projects. Professional certification in information protection, Certified Information Systems Security Professional (CISSP) or other industry specific certifications preferred Hands on experience with SIEM and Log management Hands-on experience with vulnerability management products Experience with next gen end point protection Experience with penetration testing Security expertise on cloud platforms such as Azure, AWS and GCP #LI-MO1 Commvault is an equal opportunity workplace and is an affirmative action employer. We are always committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. and we will not discriminate against on the basis of such characteristics or any other status protected by the laws or regulations in the locations where we work.
14d ago

Information Security Manager - Remote role

Warbird Consulting Partners
Remote

This position is a "Remote based" Full-time role: Security Information Security Manager with a Warbird Client.

As a Manager, you are expected to have broad general knowledge, gained through both education and work experience. You are responsible for the outcomes of the team and for the development of team member skill sets. You can be trusted to work independently with very limited supervision, and can effectively train, coach, and delegate to others. You have a strong ability to work on and prioritize multiple, concurrent projects while meeting aggressive deadlines in a fast-paced environment. Willingness to participate in cross-functional training and support.

POS Position scope: Key Technologies:

NETWORK SECURITY: Palo Alto Firewalls; Network-based anomaly detection; Active Directory

DATA SECURITY: Data Classification; Data Loss Prevention (Endpoint, Network, and Cloud); CASB (Cloud Access Security Broker); Behavioral Analytics

CLOUD SECURITY: IaaS and SaaS Configuration Security; Scripting Language Security ; Network based anomaly detection; Understanding of GCP, AWS, and/or Azure

Associated Activities:

  • Able to set goals and objectives to team members for achievement of operational results.
  • Able to develop and implement new products, processes, standards or operational plans that will have impact on the achievement of functional results.
  • Can collaborate with senior leadership to set definition of the Security roadmap through determination of best practices and technology decisions.
  • Can manage the outcomes of their team and development their skill sets.
  • Can be trusted to work independently with very limited to no supervision.
  • Can effectively train, coach, and delegate to others.
  • Accurate and professional verbal and written communication skills with Senior Executives
Job Requirements

Required Skills & Experience:

  • Bachelor degree in Information Security, Computer Science, Management of Information Systems, or related field required.
  • Common knowledge of typical IT platforms, operating systems, and configuration methods
  • Common knowledge of system administration concepts
  • Strong Verbal and Written Communication Skills
  • Strong Research and Analytical Skills

Preferred License/Registration/Certification:

  • CISSP Certified Information Systems Security Professional
  • GSEC GIAC Security Essentials Certified

Warbird is an Equal Employment Opportunity ( EEO ) employer and welcomes all qualified applicants. Applicants will receive fair and impartial consideration without regard to race, sex, color, religion, national origin, age, disability, veteran status, genetic data, religion or other legally protected status. E-Verify - Warbird participates in the Electronic Employment Eligibility Verification Program. INDS

We can recommend jobs specifically for you! Click here to get started.
New
6d ago

Information Security Risk Manager

Ringcentral
Remote

Say hello to possibilities.

It's not everyday that you consider starting a new career. We're RingCentral, and we're happy that someone as talented as you is considering this role.

First, a little about us, we're the global leader in cloud-based communications and collaboration software. We are fundamentally changing the nature of human interaction-giving people the freedom to connect powerfully and personally from anywhere, at any time, on any device.

We're a $1.5 billion company that's growing at 30+% annually and we're expanding our Cloud Ops Team to make sure we stay ahead of the competition.

The RingCentral CISO team is the engine that drives and helps implement security standards for RingCentral. By partnering closely with Product & Technology, we work with teams from Engineering to UX/UI to CloudOps, to help come up with the biggest ideas in secure cloud communications that are imagined, developed, and delivered. If there's a better way to bring people together, RingCentral is finding it, iterating on it, and sharing it with the world.

RingCentral surrounds you with world-class technology and talent, in a people-first environment built from the ground up to help you do the best work of your career. We're not just changing the nature of communication and teamwork. We're winning, together.

As part of the CISO team, you'll help define and drive the security standards, compliance, and disciplines required for complex, business-critical problems supported with elegant, user-friendly solutions that perform at massive scale. It's a once-in-a-career chance to get your hands on the latest-and-greatest technologies, and build the platform that's reshaping the way the world communicates.

Information Security Risk Manager (Belmont CA or remote USA):

Essential Job Functions:

  • Lead and manage lifecycle of information security findings, issues and risks in support of audit, compliance and risk management

  • Manage cybersecurity compliance in support of audit projects (such as SOC2, HITRUST, FedRamp, etc.) from planning phase to completion phase.

  • Closely partner with compliance and audit specialists to ensure issue management aligned with audit framework requirements

  • Analyze security controls and compliance requirements for various frameworks such as SOC2, HIPAA, HITRUST, PCI/DSS, ISO27001 and FedRAMP Perform internal gap assessments for new frameworks.

  • Work closely with product, regulatory, privacy, security, engineering, operations, sales, marketing to initiate and implement issue and risk management discipline. Assist with compliance and security engineering projects as needed.

  • Perform annual risk assessment and drive remediation activity across various teams.

  • Perform continuous monitoring of compliance activities and work with SMEs to drive remediation efforts and process improvements.

  • Develop governance, risk & compliance measurements and metrics to report up to executive management.

Qualifications:

  • Bachelor's degree required; BS in Computer Science, Information Security, or related field is preferred.

  • Minimum 5 years of experience in the field of Information Security, Cybersecurity, Audit and/or Compliance is required.

  • 2+ years of experience in people & team management.

  • STRONG project management skills/abilities. Must be able to bring order to chaos.

  • SaaS or Cloud security experience desirable.

  • Deep knowledge of at least two or more security frameworks (such as ISO 27001, PCI, SOC2, NIST, etc.) and ability to determine measures that will satisfy controls, design controls and determine solutions is strongly required.

  • Strong knowledge of additional security frameworks (CIS Critical Controls, HIPAA, HITRUST to Mitigate Cyber Security Incidents, UK Cyber Essentials, etc.) would be desirable.

Other Competencies:

  • Project Management: Plan and manage several projects to meet compliance and security requirements. Effectively communicate with other teams at RingCentral during the entire project cycle.

About RingCentral: RingCentral is the worldwide leader in cloud-based communications. Our software communications platform delivers phone, group chat, mobile communications, video calls, videoconference, contact center and AI-driven digital engagement. It's a powerful, global presence that allows businesses to communicate anywhere, anytime with anyone.

RingCentral is headquartered in Belmont, California and has offices around the world.

RingCentral is an equal opportunity employer that truly values diversity. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

#LI-BH1

14d ago

Manager, Information Security Risk & Compliance

Alteryx
Remote
16d ago

Information Security Manager / Electric Vehicles/ Remote

Motion Recruitment
Remote or Los Angeles, CA
17d ago

Manager- Information Security Policy Governance (remote)

Johnson Controls, Inc.
Remote or Milwaukee, WI
28d ago

Information Security Manager

Change.org
Remote or San Francisco, CA
32d ago

Information Security Engineering Manager

Primerica Inc.
Remote or Duluth, GA
35d ago

Information Security Planning & Governance - Manager

Equifax
Remote or Alpharetta, GA
54d ago

Information Security System Manager

DCS Corporation
Fort Belvoir, VA
New
3d ago

MGR INFORMATION SECURITY COMPLIANCE

Lumen
Washington, DC
19d ago

Manager, Information Security (Remote Opportunity)

Kohl's Corp.
Remote or Menomonee Falls, WI
60d+ ago

Manager, Information Security (Remote Opportunity)

Kohl's
Remote or Menomonee Falls, WI
60d+ ago

Information Security Manager - Governance, Risk & Compliance

E. & J. Gallo Winery
Remote or Modesto, CA
60d+ ago

Information Security Manager - Governance, Risk & Compliance

E&J Gallo
Remote or Modesto, CA
60d+ ago

Information Security Manager

Transvoyant
Alexandria, VA
19d ago

Information Security Manager / $180K / Full remote / Privacy

Motion Recruitment
Remote or Los Angeles, CA
27d ago

Fully Remote / Information Security and Privacy Manager / 180K

Motion Recruitment
Remote or Los Angeles, CA
52d ago

Information Security and Privacy Manager / Electric Vehicle/ Remote

Motion Recruitment
Remote or Los Angeles, CA
50d ago

Senior Information Security Manager - Build InfoSec Team / 190K

Motion Recruitment
Remote or Boston, MA
60d+ ago

Information System Security Manager

Raytheon Technologies
Sterling, VA
New
4d ago

Information Systems Security Manager

SAIC
Reston, VA
Opens new tabopen new tab
New
2d ago
Opens new tabopen new tab

Information System Security Manager

Microsoft Corporation
Reston, VA
New
5d ago

Information System Security Manager

Collins Aerospace
Sterling, VA
New
5d ago

Information System Security Manager

Raytheon Technologies Corp
Sterling, VA
New
5d ago

Information Systems Security Manager

SAIC (Science Applications Int.)
Reston, VA
25d ago

Information Systems Security Manager

Engility Corporation
Reston, VA
24d ago

ISSM / Information Systems Security Manager ( Active Polygraph required)

General Dynamics Information Technology
Herndon, VA
10d ago

ISSM / Information Systems Security Manager ( Active Polygraph required)

General Dynamics
Herndon, VA
New
5d ago

Information System Security Manager VA MDE (Notional)

Acuity International
Reston, VA
14d ago

Information System Security Manager

Leidos
Bethesda, MD
New
12h ago

Information Security Office, Director

Capital One
McLean, VA
Opens new tabopen new tab
New
Easy Apply
6d ago
Opens new tabopen new tab

Manager, Cyber Info. Systems Security 1

Northrop Grumman
Dulles Town Center, VA
Opens new tabopen new tab
New
3d ago
Opens new tabopen new tab

Average Salary For an Information Security Manager

Based on recent jobs postings on Zippia, the average salary in the U.S. for an Information Security Manager is $119,571 per year or $57 per hour. The highest paying Information Security Manager jobs have a salary over $154,000 per year while the lowest paying Information Security Manager jobs pay $92,000 per year

Average Information Security Manager Salary
$119,000 yearly
$57 hourly
Updated October 17, 2021
92000
10 %
119000
Median
154000
90 %

Highest Paying Cities For Information Security Manager

0 selections
CityascdescAvg. salaryascdescHourly rateascdesc
San Francisco, CA
$158,498
$76.20
Washington, DC
$133,375
$64.12
West Windsor, NJ
$126,371
$60.76
Phoenix, AZ
$124,781
$59.99
Austin, TX
$120,623
$57.99
Arlington, VA
$116,097
$55.82

5 Common Career Paths For an Information Security Manager

Information Technology Security Manager

An information technology security manager is responsible for maintaining the safety and security of the organization's network systems to prevent unauthorized access and illegal dissemination of information from the database. Information technology security managers resolve technical issues, configure network updates, and upgrade system infrastructures to enhance optimal performance and navigation. They also install applications, inspect security breaches, and fix faulty servers to avoid system downtimes and operational delays. An information technology security manager must have excellent technical and communication skills, especially in writing reports for system findings and design networks according to business requirements.

Security Manager

Security managers are responsible for creating a safe environment for everyone and implementing policies to prevent emergencies. They ensure the safety of employees and assets of the company as well as its facilities. Additionally, they evaluate and manage risks by implementing safety policies and training security staff in responding efficiently to emergencies. A security manager must exhibit excellent leadership, surveillance, and emergency response skills. A good security manager should also have a strong commitment to security rules and understand all hazards and threats to safety.

Vice President

Vice presidents are usually considered the second-in-command in the organization, depending on the organization structure. They take over when the president is unavailable to fulfill duties. They may also represent the organization in external events and other official functions. They are important members of the boardroom, and their opinions are usually sought after as well. Vice presidents are usually poised to follow the president's footsteps in the organization, especially if the president is nearing retirement. They also make urgent and crucial decisions when the president is not available to do so. Vice presidents must have strong business acumen, decision-making skills, and professionalism.

Senior Manager

A senior manager is responsible for directing the overall efficiency of business operations. Senior managers monitor the performance of the staff, improve operational strategies, identify business opportunities, allocate budgets and resources, present reports to senior management, set goals to drive results on increasing the company's revenues and profitability. Senior managers must coordinate with various operations departments to maintain good feedback for the company, meeting client's expectations, and delivering the best results. They should have excellent communication and leadership skills to handle team members, as well as managing their needs and concerns.

Information Technology Director

An information technology (IT) Director is a professional responsible for the management, strategy, and execution of an organization's IT infrastructure. He/She supervises a team of workers while working with the organization's management and external vendors and advisors. Aside from managing workers, an IT director should possess problem-solving skills and an aptitude for organizational thinking. An IT director must also identify new market opportunities and should lead an effort to improve the organization's IT process.

Illustrated Career Paths For an Information Security Manager