Sr. Manager of Client Security Solutions/BISO JT2LH
- Expired: over a month ago. Applications are no longer accepted.
Sr. Manager of Client Security Solutions- Remote
iSphere is currently seeking a highly motivated and experienced Sr. Manager of Client Security Solutions. This role will serve as a senior leader within the Information Security team reporting directly to the Senior Vice President, Chief Information Security Officer. The Sr. Manager of Client Security Solutions is responsible for understanding the current security posture of the organization’s Clients, Client facing systems and processes globally. While performing this work, the individual catalogs and analyzes client-required or requested security practices, allowing Global IT to select improvements to security practices that make the company more competitive. In responding to the complex client requests (MSAs and Questionnaires) will work with legal, compliance and support teams to effectively respond back with compliance with privacy regulations (i.e. GDPR).
In the role of the Sr. Manager, Client Security Solutions you will:
- Be the primary leader to support various Client security needs and solutioning with the business to achieve and maintain Client security compliance.
- Coordinate client focused security needs across the CISO office to bring in resources as needed.
- Participate with other business areas on reviews of Client security requirements and solutioning.
- Develop and execute Client security reporting as required by the business.
- Interface regularly with the business and Client representatives on security matters.
- Participate in evaluations of security technologies for fits in the business to achieve security requirements and controls.
- Lead or participate in various security, privacy, risk management, and other initiatives.
- Determine, measure, and agree on actions to close "risk gaps" working with appropriate management and client representatives.
- Strong advocate of IT Security across the Business and Clients ensuring that any recommendations are appropriate and proportionate to the value of the data.
- Build and socialize an IT Security service catalogue that can be used to enable clients and the business to identify appropriate controls to protect their data.
- Lead efforts of SOC2 assessments for Client driven systems as required by the business
- Maintain knowledge of, and contribute to, IT General Controls, EU privacy controls, Cyber Essentials, IT compliance controls (SOX, SOC1, SOC2, etc.), and ISO 27000 security controls.
- Review technical architecture(s) diagrams for security posture, to ensure they meet organizational standards.
- Maintain current assessments of organization’s current global security posture, particularly with respect to client-related information services, using the associated questionnaires and tools.
- Work with teams to develop standard responses for client security questionnaires, particularly those based on the Shared Assessments methodology, for use in building a scalable response process.
- Participate in programs to acquire security certifications or attestations related to client services.
- Work with auditors and vendors who support security and privacy maturity development, and with internal and external auditors.
- Bachelor's Degree in Business, Computer Science, Information Security, or related field from an accredited college
- 6 – 10 or more years’ experience in an IT Risk and/or IT Audit positions
- Experience with IT risk standards and industry best practice approaches, such as ISO 27001 / 2, CoBIT, COSO, ITIL, etc.
- Knowledge of risk assessment methodologies, IT policies and standards, awareness and training.
- Knowledge of, and in-depth experience with, more than one major IT discipline (e.g., distributed computing, networks, financial applications design and development, IT security and business recovery).
- Knowledge of Shared Assessments methodology.
- Maintain understanding of cloud computing and innovation in operational technology
- Knowledge of IT processes and development life cycle
- Experience in information security, governance and privacy
- Strong level of experience using the MS suite of Products.
- A Master’s degree from an accredited college or university
- Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent is preferred
- One or more of the following additional Information Security certifications are preferred: ITIL, CISA, CISM, GMON, CISSP, GSNA, CRISC, GSE, CCSP, CHFI.
- Experience with a GRC system highly desirable.
Many of our consulting roles offer the possibility to transition to staff assignments with our client companies for those candidates that are interested and can serve as an excellent chance to try an environment out before making a long-term career commitment to an organization.
iSphere offers several choices of major medical plans as well as the opportunity to participate in 401K and profit sharing plans.
Client access, flexibility, and support for your long-term goals; get more at iSphere
Building on a foundation of individual care and commitment for over 20 years, iSphere continues to grow by setting the standard for better service to both our IT consultants and the clients we serve.
As Corporate and Government solution strategists and architects, iSphere provides innovative products, professional services, and staff to help private and public sector clients achieve their goals and transform their technology driven business models. Clients partner with us to deliver successful business-IT strategy, top technology systems and bright IT talent.
Partners to the energy and financial trading, healthcare, education, and government sectors, iSphere’s team of skilled consultants are experts at solving business and technology challenges with advanced IT solutions.
With an unflagging work ethic, a cohesive team, and a passion for innovative service and solutions, our clients know they can depend on iSphere.
TechnologyView all jobs at iSphere
Get fresh SRS Security jobs daily straight to your inbox!