The IS Global Security Manager (ISM) is responsible for protecting the company’s computers, networks, and data against threats, such as security breaches, computer viruses, or attacks by cyber criminals. This will include, but not limited to managing security event monitoring, incident response, and vulnerability management.
The ISM will be reporting to the Vice President, IS Global Security and plays a key role in the success of the Information Security program. This position will develop and drive the implementation of security strategies, technologies, and services worldwide.
- Understand, evaluate, and respond to security incidents.
- Management of information security operations, strategy, and engineering.
- Manage a staff of information security professionals, hire and train new staff, conduct performance reviews, and provide leadership and coaching, including technical and personal development programs for team members.
- Responsible for driving execution of daily, weekly, and monthly metrics for statistical threats and KPIs.
- Provides the reporting, investigation, and resolution of data security incidents.
- Ensure that Standard Operating Procedures are being created and followed by the team.
- Owns the process of gathering, analyzing and assessing the current and future threat landscape, as well as providing a realistic overview of risks and threats in the enterprise environment.
- Develop a prioritized vulnerability remediation strategy for current and future systems that reduces risk exposure.
- Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements.
- Manage production issues and incidents, and participate in problem and change management forums.
- Recommend and coordinate the implementation of technical controls to support and enforce defined security policies.
- Maintain a knowledgebase comprising a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations.
- Manage security projects and provide expert guidance on security matters for other IS projects.
EDUCATION & EXPERIENCE
A Bachelor’s Degree in Computer Science or related degree or equivalent combination of education/experience. Three plus years of information security role planning, implementation, coordination required and at least two years in a supervisory capacity.
SKILLS & CERTIFICATIONS
- CISSP or comparable certification preferred.
- Subject matter expertise within the following services: monitoring & log analysis, hunting operations, compromise assessments, forensics analysis, root cause analysis, investigation assistance, insider threat management, and incident management reporting.
- Demonstrates a profound sense of ethics, integrity, and confidentiality-adhering to a core set of values.
- Strong understanding of information security operations and the relationship between threats, vulnerabilities, and risk management.
- Possess a good understanding of emerging threats and leading-edge technologies.
- Is a proven innovator and creative problem-solver. Navigates ambiguity and exercises a moderate degree of autonomy in decision making.
- Strong leadership skills and the ability to work effectively with business managers, IS engineering and IS operations staff.
- Strong leadership abilities, with the capability to develop and guide information security team members and IS operations personnel, and work with minimal supervision.
- An understanding of operating system internals and network protocols.
- Experience in system technology security testing (vulnerability scanning and penetration testing).
- Ability to work weekends and after business hours.