Information Security Program Manager Jobs

Experience and proficiency in developing and running day-to-day operations for mature Red, and Purple Team capabilities

Experience and proficiency in developing effective and innovative Ethical Hacking capabilities

8-12+ years of Information Security experience

Experience and proficiency in scheduling coordinating and reporting Compromise Assessment and Penetration Testing internal and external engagements

Strong working knowledge of various Threat Emulation and Red Team disciplines and services ( IT and OT) is preferred

Develop and implement a roadmap to define short- and long-term strategies as well as detailed activities for the team

Be able to pass the medical and physical requirements outlined in the contract.

Must possess a minimum of three (3) years of experience in administrative support with an emphasis on security-related programs.

Prepare and maintain records, to include personnel, property, maintenance, and operational records.

Maintain duty schedules and time sheets.

Other administrative functions as assigned by the U.S. Government.

Be at least 21 years of age.

Our client is seeking the services of an Information Security Manager.

8 years experience is preferred in Designing, Building and Security Web Information Systems using WAF SaaS Application

3 years experience is preferred working with HHSC Security or Network Engineers at HHSC

At least ten years security and / or cyber risk management experience in a large enterprise environment, including formal leadership responsibilities.

Communicates status of activities with teams, peers, management, and business partners

Project management – estimating, planning, controlling, and execution.

Application Security, e.g. understanding of application-layer security controls and risks, penetration testing, code reviews, Vulnerability Management, etc.

Identity & Access Management, e.g. LDAP administration, SSO, CyberArk administration, multi-factor authentication, etc.

Manage and lead a team of IT AutoZoners that includes assigning/monitoring work, providing feedback, coaching and development, counseling, and salary administration.

Proficient with firewalls, endpoint security, mobility management, and vulnerability scanning.

Remote culture with company equipment, virtual access, and monthly internet allowance

Self-managed Flexible Time Off / Paid Time Off + eight paid holidays per year

Career Development: Tuition reimbursement, certifications, and seminars

Extensive experience in identity governance and administration experience

Strong knowledge and expertise with identity governance tools such as OneLogin, AzureAD, CyberArk, Okta, etc.

5+ years of program management experience in an enterprise level Cross-functional organization, Marketing experience a plus

Excellent interpersonal and relationship management skills

Anticipate bottlenecks, identify contingencies, and provide escalation management throughout the program lifecycle.

Strong communication skills, effectively communicate problems, issues, risks, solutions, to stakeholders

Stand up new projects, leading teams to define and execute project plan deliverables, milestones, risks and dependencies.

Ensure consistency & quality of communications to your team, partnering teams, stakeholders and executive sponsors.

5+ years of experience in technical project/program management in an enterprise environment

5+ years of experience working directly with engineering teams

Strong experience with security initiatives and IAM

Strong experience working in an agile environment

Experience with IDP or application migration initiatives preferred

Degree in Computer Science or related field is a plus

Manages projects and other efforts associated with the firm’s compliance goals and requirements.

Ensures accountability for addressing audit findings through the active management of any associated issues list

Associate Degree in Information Technology/Security or equivalent combination of education and work experience will be considered in lieu of a degree.

Uses the firm’s GRC system to manage assigned control programs and any associated audits.

4+ years of job-related experience.

Excellent Written, Verbal and Presentation skills

Formal education or professional experience in information assurance and/or information security management.

Preferred Education Skills And Experience

Strong communication skills including experience delivering professional presentations to directors and other high-level staff.

Experience identifying key performance indicators to quantitatively assess the performance of a security program and to characterize an organization’s security posture.

Security posture metrics and reporting

Understanding of how to utilize automation tools to increase the productivity and responsiveness of a SOC .

Generate reports on security incidents, vulnerabilities, and other relevant metrics for management review and potential action.

SOC, PCI, ISO knowledge and experience preferred

Incident Reporting & Vulnerability Management:

Continuously assess and update security policies to address emerging threats and vulnerabilities.

Monitor and maintain oversight of controls supporting the company’s SOC2 assessment and PCI DSS requirements.

Work with IT teams to ensure prioritization and remediation of identified vulnerabilities.

Serve as cybersecurity risk and subject matter expert and advisor for senior management on emerging threats, attacks, vulnerabilities and security concerns.

Manage and coordinate security incident response

5+ years of experience in securing systems running on public cloud infrastructures

Professional certifications such as CISSP, CISM, etc are preferred.

Experience in taking a risk-based approach to prioritize security efforts.

Excellent communication, interpersonal and leadership skills, able to communicate security concepts to both technical and nontechnical audience.

Understanding of project management methodologies.

Experience working with multiple business-functions.

Information Security Manager | New York | Law Firm | $180,000 - $195,000

The successful candidate will have proven experience with most of the below:

In-depth understanding of key information security and risk mitigation principles.

Mature and maintain the security strategy - through awareness programs, processes and effective reporting and metrics.

7+ years of work experience in information security, program/project management, or similar capacities

SANS or CISSP certification in areas of Security strategy & roadmap development, Enterprise security, Access Management, and Risk Management

Develop, implement, and iterate on program management procedures, frameworks, and metrics to achieve business goals with defined success criteria

Analytical, problem-solving, negotiation and organizational skills with a clear experience focusing under pressure

Engage with cross-functional stakeholders to define security, risk, and compliance requirements

Experience driving projects end-to-end independently, including evaluating, defining and improving end-to-end processes

3-5 years of experience with cybersecurity and/or Identity and Access Management

Experience with incident response, risk assessment, and management

In-depth knowledge of identity and access management concepts, such as SSO, role-based access control, and identity federation.

Strong collaboration and change management skills

Enforce company policies and procedures related to identity and access management

Monitor system to prevent future cybersecurity risks, Identifying security vulnerabilities and developing plans to mitigate risks

Bachelor's Degree Required, Preference to BS and higher education.

4+ years of experience in cybersecurity or related compliance role

Experience with data loss prevention tools or data inventory tools.

Location: Hybrid in Dallas, TX or Cincinnati, OH.

Salary: Up to $135,000 Base + Discretionary Bonus*

Lead the end to end process with designing through monitoring of the information security risk program.

Acts as a change agent and drives the organization forward using effective management, analysis, and strategic skills

Demonstrates and leverages subject matter expertise in information security, governance, risk management, and compliance.

Demonstrates solid organizational skills and the ability to multi-task, prioritize workloads, and delegate responsibilities.

Demonstrates strong analytical skills and effectively interprets and applies applicable regulations and requirements.

Responsible for developing and leading the education of the organization's employees in the information security program.

Effectively manages stress in a constantly changing environment.

Professional security management-related certifications are strongly preferred. CISSP, CISM, SANS GIAC, and/or CRISC

Strong knowledge of cybersecurity and information risk management standards, guidelines, and frameworks. Working knowledge of NIST is highly preferred.

Work with CoSo Project Managers, as needed, to coordinate managing multiple related projects directed toward strategic business and organizational objectives.

BS in Computer Science, Information Systems, or comparable work experience is desirable.

A minimum of 5 years experience in the Information Security field. (7+ years preferred)

Experience leading FedRAMP compliance initiatives at a Moderate or High baseline level.

Automated access control management, required reporting, security education, and protection of classified assets.

Knowledge of 32 CFR Part 117 National Industrial Security Program Operating Manual (NISPOM) Rule

Working knowledge of OPSEC, Controlled Unclassified Information (CUI), and Counterintelligence

Experience with various security databases such as SIMS, DISS, NISS, etc.

Strong interpersonal and team building skills

Candidate will typically have a Bachelor's Degree and 3+ years of experience.