Information Security Compliance Manager Jobs

Experience and proficiency in developing and running day-to-day operations for mature Red, and Purple Team capabilities

Experience and proficiency in developing effective and innovative Ethical Hacking capabilities

8-12+ years of Information Security experience

Experience and proficiency in scheduling coordinating and reporting Compromise Assessment and Penetration Testing internal and external engagements

Strong working knowledge of various Threat Emulation and Red Team disciplines and services ( IT and OT) is preferred

Develop and implement a roadmap to define short- and long-term strategies as well as detailed activities for the team

Strong and proven leadership abilities

Strong knowledge of airline business systems and processes required

Strong knowledge of airline practices and operational procedures required

Strong knowledge of United corporate policies required

Strong knowledge of U.S. and foreign Aviation Security Regulations required

Must possess excellent verbal and written communication skills and the ability to exchange information and ideas so others will understand.

Is accountable to engage with application managers and execute application risk vetting/controls verification for applications in their business area.

Is detail-oriented and analytical in nature, with strong problem-solving skills

Experience with GRC (governance, risk, compliance) software

Consumer privacy related experience with GDPR in Europe and CCPA in California

Lead and drive technical expertise connection with business needs and the broader Information Security organization to address those needs.

Interface across the organization with other teams, such as system operations, infrastructure, auditors, security personnel etc.

Our client is seeking the services of an Information Security Manager.

8 years experience is preferred in Designing, Building and Security Web Information Systems using WAF SaaS Application

3 years experience is preferred working with HHSC Security or Network Engineers at HHSC

At least ten years security and / or cyber risk management experience in a large enterprise environment, including formal leadership responsibilities.

Communicates status of activities with teams, peers, management, and business partners

Project management – estimating, planning, controlling, and execution.

Application Security, e.g. understanding of application-layer security controls and risks, penetration testing, code reviews, Vulnerability Management, etc.

Identity & Access Management, e.g. LDAP administration, SSO, CyberArk administration, multi-factor authentication, etc.

Manage and lead a team of IT AutoZoners that includes assigning/monitoring work, providing feedback, coaching and development, counseling, and salary administration.

Experienced professional who is able to work with limited guidance in a 100% remote environment

Strong knowledge of SOC2, HIPAA, GDPR compliance frameworks

Strong communication skills (written, verbal, and listening)

Must have 3+ years of IT security compliance experience

Keep up to date with SOC2, HIPAA, GDPR, US and EU laws to keep Axcient compliant.

Maintain company policies based on new needs or laws.

Knowledge, Skills, and Experience Requirements

Support the development and maintenance of the Global Information Security Management System (ISMS) Management Committee, including governance related responsibilities.

Information security or compliance experience with a proven ability to engage confidently with Senior Management and staff from all other departments.

A solid understanding and of data management plus data and information security, including working knowledge of latest trends and technologies.

Information security management qualifications or similar.

PCI DSS certifications or experience (PCIP, certified Quality Security Assessor)

Proficient with firewalls, endpoint security, mobility management, and vulnerability scanning.

Remote culture with company equipment, virtual access, and monthly internet allowance

Self-managed Flexible Time Off / Paid Time Off + eight paid holidays per year

Career Development: Tuition reimbursement, certifications, and seminars

Extensive experience in identity governance and administration experience

Strong knowledge and expertise with identity governance tools such as OneLogin, AzureAD, CyberArk, Okta, etc.

Manages projects and other efforts associated with the firm’s compliance goals and requirements.

Ensures accountability for addressing audit findings through the active management of any associated issues list

Associate Degree in Information Technology/Security or equivalent combination of education and work experience will be considered in lieu of a degree.

Uses the firm’s GRC system to manage assigned control programs and any associated audits.

4+ years of job-related experience.

Excellent Written, Verbal and Presentation skills

Strong analytical and problem-solving skills, with the ability to identify and mitigate information security risks

Excellent communication and interpersonal skills, with the ability to effectively communicate technical information to non-technical audiences

Participate in the identification and assessment of information security risks, and assist in the development and implementation of risk mitigation strategies.

Assist the Senior Information Security Compliance Analyst in other related duties as assigned.

Familiarity with industry best practices for information security compliance, such as ISO 27001 and NIST Cybersecurity Framework

About The University At Buffalo

· Excellent interpersonal and collaboration skills, team player, approachable, professionally mature, relationship management and consulting skills

· Basic project management skills

· Assist with preparing reports for management and control owners on the effectiveness of their control environment.

· Maintain knowledge of overall business issues and objectives, understand company structure and functional responsibility.

· Proven ability to manage tasks fully from inception to completion

· Bachelor’s degree in information technology, information security, accounting, or related field or equivalent experience

4 years of management experience

Have 8 years of management experience

Coordinating change management and company-wide announcements

Formal certifications or education credentials

Have experience in all four areas of security, privacy, compliance, and engineering

Have experience supporting medium or large tech organizations

Generate reports on security incidents, vulnerabilities, and other relevant metrics for management review and potential action.

SOC, PCI, ISO knowledge and experience preferred

Incident Reporting & Vulnerability Management:

Continuously assess and update security policies to address emerging threats and vulnerabilities.

Monitor and maintain oversight of controls supporting the company’s SOC2 assessment and PCI DSS requirements.

Work with IT teams to ensure prioritization and remediation of identified vulnerabilities.

Works with internal teams to properly communicate audit requirements and gather necessary evidence for TradeCentric to successfully pass its audit

Assists Information Security Manager with updating and documenting changes to information security policies, procedures and internal standards

Four plus years of prior compliance experience

Hands on Information Security and/or security compliance experience with Information Security standards, technology and monitoring

Ability to manage demands of internal and external customers and auditors through phone, email and process requests

Auditing or leading experience responding to audits against control frameworks

Experience in people management and leading teams would be beneficial but is not required to apply for this position.

Strong leadership skills and the ability to motivate and manage a team effectively.

Collaborate with sales engineers to understand the security requirements of potential customers and develop solutions to meet those requirements.

Collaborate with the product development team to ensure that security features and capabilities are integrated into new products and updates.

Professional experience in security, including running SOC2, advising engineering teams on security, and managing security tools.

Strong knowledge of security best practices and technologies, including access control, intrusion detection, and incident response.

Serve as cybersecurity risk and subject matter expert and advisor for senior management on emerging threats, attacks, vulnerabilities and security concerns.

Manage and coordinate security incident response

5+ years of experience in securing systems running on public cloud infrastructures

Professional certifications such as CISSP, CISM, etc are preferred.

Experience in taking a risk-based approach to prioritize security efforts.

Excellent communication, interpersonal and leadership skills, able to communicate security concepts to both technical and nontechnical audience.

Understanding of project management methodologies.

Experience working with multiple business-functions.

Information Security Manager | New York | Law Firm | $180,000 - $195,000

The successful candidate will have proven experience with most of the below:

In-depth understanding of key information security and risk mitigation principles.

Mature and maintain the security strategy - through awareness programs, processes and effective reporting and metrics.

3-5 years of experience with cybersecurity and/or Identity and Access Management

Experience with incident response, risk assessment, and management

In-depth knowledge of identity and access management concepts, such as SSO, role-based access control, and identity federation.

Strong collaboration and change management skills

Enforce company policies and procedures related to identity and access management

Monitor system to prevent future cybersecurity risks, Identifying security vulnerabilities and developing plans to mitigate risks

Bachelor's Degree Required, Preference to BS and higher education.

4+ years of experience in cybersecurity or related compliance role

Experience with data loss prevention tools or data inventory tools.

Location: Hybrid in Dallas, TX or Cincinnati, OH.

Salary: Up to $135,000 Base + Discretionary Bonus*

Lead the end to end process with designing through monitoring of the information security risk program.

Ensure necessary working environment and capabilities to effectively carry out responsibilities if working from a non-AUS location (remote work)

Run Third Party (Vendor) Risk Management Program

Assist with preparing reports for management and control owners on the effectiveness of their control environment

Ability, willingness, and flexibility to travel as needed for approved work purposes in accordance with project and management schedules

Coordinate and manage external auditors, as needed

Maintain knowledge of overall business issues and objectives, understand company structure and functional responsibility