Information Security Manager Jobs

As the Information Security Manager, you will play a vital role in assisting Franklin Madison with protecting the confidentiality, integrity, and availability of sensitive information assets, including critical data. You will work under the guidance of IT and Risk Management in assisting in the implementation, monitoring, and maintenance of security measures across various teams, systems, and networks. This role requires a strong understanding of information security principles, control frameworks, technical expertise, and a commitment to continuous learning and improvement.

Key Responsibilities:

Security Governance & Policies:

• Develop, maintain, and communicate the organization's information security strategy, policies, standards, and guidelines.
• Participate in the development and maintenance of the organization's overall security governance framework.
• Continuously assess and update security policies to address emerging threats and vulnerabilities.
• Align security initiatives with business objectives, risk tolerance, and industry trends.

Security Compliance, Audit & Controls:

• Ensure compliance with relevant laws, regulations, and industry standards (e.g., SOC, PCI DSS, ISO 27001).
• Coordinate and participate in annual assessments.
• Participate in the evaluation and selection of security technologies.
• Conduct regular reviews across teams to ensure compliance with the control environment.
• Monitor and maintain oversight of controls supporting the company’s SOC2 assessment and PCI DSS requirements.
• Support client due diligence requests (questionnaires, assessments, etc.) related to information security.

Incident Reporting & Vulnerability Management:

• Document security incidents, investigations, and remediation actions taken.
• Work with IT teams to ensure prioritization and remediation of identified vulnerabilities.
• Generate reports on security incidents, vulnerabilities, and other relevant metrics for management review and potential action.
• Assist in conducting regular vulnerability assessments and penetration tests on systems and networks.

Security Awareness and Training:

• Assist in developing security awareness programs to educate employees on best practices and security policies.
• Support the implementation of security training initiatives and maintain awareness of emerging threats and trends.

Continuous Improvement:

• Proactively identify areas for improvement within the organization's security posture and propose recommendations.
• Stay abreast of the latest security trends, vulnerabilities, and technologies through ongoing learning and professional development.

• Strong knowledge of information security principles, best practices, and industry standards.
• Effective communication and collaboration skills.
• Excellent communication and interpersonal skills to effectively collaborate with stakeholders at all levels.
• Bachelor's degree in Computer Science, Information Security, Cyber Security, or a related field (or equivalent work experience).
• Ability to work independently as well as collaborate with the team.
• Experience with security risk assessment methodologies and tools.
• Excellent analytical and problem-solving skills.
• Knowledge of vulnerability assessment tools and techniques.
• SOC, PCI, ISO knowledge and experience preferred
• Basic understanding of networking protocols, operating systems, and web applications.