AMVETS Jobs

Position Overview

The Manager of Information Security will collaborate with the leadership team to create a Security strategy, vision, road map, as well as design and lead a Security program. The Manager will own and lead the delivery of a broad range of security initiatives and objectives across the organization.

This leader will be responsible for assuring Information Security and identifying risks related to the use, processing, storage and transmission of information and the systems and processes used for those purposes. In addition, this person will assist in identifying, analyzing, influencing the management of information risks across the organization, and will be involved in the architecting of solutions. This position reports into the Director, Network Services.

Key Job Responsibilities

Security Services Growth

• Shape security architectures for existing and proposed technologies

• Partner with the internal stakeholders on the security risk program with a focus on Governance, Risk and Compliance

• Facilitate the documentation of the Security issues, perform Security/Cyber Risk analysis, evaluate the findings from the analysis, draw conclusions and formulate strategic recommendations

• Determine what tools and solutions should be maintained internally vs. leveraging third party solutions

• Conduct analysis of log data, data correlation and device analysis

• Assess and monitor information security risks on new and existing IT projects

Security Services Maintenance

• Make recommendations to upper management on strategies to strengthen the overall IT environment and internal controls as well as ways to drive security awareness throughout the organization

• Oversee, manage and provide reporting from the Next Generation Firewalls (NGF)s, Anti-Virus, Malware, Security Information and Event Management (SIEM), Intrusion Detection / Prevention (IDS/IPS), Domain Name Services (DNS), Vulnerability scanners, and other security solutions that comprise the Security Architecture of the organization.

• Partner with infrastructure team on vulnerability assessment and remediation.

• Research attempts to compromise security protocol and recommend solutions.

Security Monitoring and Incident Response

• Recommend and validate information security controls and guidelines to ensure compliance with the Information Security program.

• Facilitate IR tabletop exercises

• CSIRT lead during an event

Maintain Security Documentation and Process

• Support the annual PCI recertification efforts and other assessments

• Ensure compliance with regulations and privacy laws

• Planning security backup and system disaster recovery?

• Partner with the Sales organization to respond to RFPs

People Development

• Provide management, guidance and mentorship including selection, motivation, performance management, salary administration, progressive discipline, training and development and strategic human resources planning.

• Implement and cultivate a team environment that focuses on service levels, customer satisfaction, and productivity.

• Promote and drive professional development and training efforts to improve overall business acumen, technical knowledge and project management.

• Foster an environment that empowers employees to make positive decisions while maintaining accountability for actions and results.

Job Qualifications

• Bachelors Degree or equivalent experience

• 3+ years in Red/Blue team

• 2-3 years managing a security operations center

• Deep knowledge and understanding of Security trends and strategies for identifying Security solutions to meet the company’s needs across the business

• Provide leadership with current and relevant information on different threats and security vulnerabilities that the organization may face, to ensure there are solutions in place to mitigate those risks; translate risk impact to business acumen

• Prior experience delivering and managing Information Security programs, ideally with one or more of the following: IT Security Strategy; IT Security Operations; Security Training and Awareness; IT General Controls Compliance Cybersecurity; Data Privacy and IT Risk

• Hands-on experience using intrusion detection tools and services as well as vulnerability management tools and services

• Experience conducting analysis of log data, data correlation and device analysis

• Ability to successfully build, develop and maintain strong relationships across the organization in efforts to drive awareness, adoption and on-going participation

• Highly self-motivated; able to work independently and as a team member

Competencies (by Core Values)

• Analytical Thinking

• Integrity

• Innovation

• Exceeds Customer Expectations

• Organizational Savvy

• Communication

• Teamwork

Office

Work is performed primarily in an office environment. Working times may include irregular hours and on-call status including days, evenings, weekends and holidays. Team members must adhere to appearance guidelines as defined by Encore based in an office environment and when traveling, on an individual venue or a representation of venues in that city or area.

The above information on this description is not necessarily an exhaustive list of all responsibilities, duties, skills, efforts, requirements or working conditions associated with the job. While this is intended to be an accurate reflection of the current job, management reserves the right to revise the job or to require that other or different tasks be performed as assigned.

#INDCORP

All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, age, marital status, pregnancy, genetic information, or other legally protected status.