Information Security Manager

Eleven Recruiting - Century City, CA

Our client is looking for an IT Security Manager to join their team in Century City. This role will be responsible the development, delivery and compliance of a comprehensive information security and privacy program.

Responsibilities:

  • Enabling business strategy through the execution of information security services and capability
  • Overseeing execution of the information security maturity roadmap
  • Developing and maintaining information security strategy encompassing all computer systems, technology infrastructure and technology devices
  • Developing and maintaining of information security policies, standards and guidelines, complying with relevant U.S. and global information security guidelines and standards, including regular testing as appropriate
  • Improving the customer experience and protecting customers and staff through awareness activities and the implementation of protective controls
  • Working with wider security, risk and compliance parties and other stakeholders outside of IT to ensure aligned strategies and segregation of duties
  • Own the U.S. Business Continuity and Disaster Recovery planning and execution, including regular audit and testing of process and technology.
  • Overseeing incident response planning as well as the investigation of information security breaches, and assisting with disciplinary and legal matters associated with such breaches as necessary. This includes reporting to Senior Management on any significant breaches of information security
  • Working with financial auditors to ensure the IT controls are in place to support signoff of the financial audit
  • Manage IT Risk Management
  • Providing out of hours on call escalation for IT Security, business continuity and disaster recovery incidents
  • Ensuring that information security is an embedded and a critical part of the project delivery lifecycle and service operations – supporting project leadership in identifying these requirements and upskilling as required
  • Responsible for risk assessments on new installations, software applications and connections to wide area networks, 3rd party or public access points

Requirements:
  • A degree in IT or relevant business topic (desirable)
  • Proven experience of working in information security
  • Certified Information Systems Security Professional (CISSP)
  • Expert knowledge of current information security standards and guidelines
  • Strong process management and control skills, with experience in developing policies and processes
  • Expert in methods and techniques for risk management, business impact analysis, countermeasures and contingency arrangements
  • Extensive knowledge of good security practice covering the physical and logical aspects of information products, systems integrity and confidentiality
  • Ability to balance the benefits of optimized security with the cost of providing it, to promote the best overall interests of the business
  • Knowledge of industry trends in information security (e.g. PCI compliance)
  • Broad understanding of the retail and construction industries
  • Third party management and vendor selection skills
  • Understanding of application development, testing and project management techniques and methodologies (AGILE, DevOps, etc)


Posted On: Friday, November 8, 2019



Apply to this job
or