IT Security Program Manager

Envision

Remote, OR

Expired: over a month ago Applications are no longer accepted.

Full-Time

Job Description

Provide SME technical knowledge for IT Integration with parent company

Protects system by defining access privileges, control structures, and resources

Develop Security Policies and Standard Operating Procedures based on high level Security Policies and develop and report monthly compliance status reports

Proactively identifies and implements security improvements by assessing current situation; evaluating trends; anticipating requirements; recognizes problems by identifying abnormalities; reporting violations; suggesting configuration changes to the server, network, client, and/or security devices

Perform gap analyses between current usages of the tools and optimal usage based on business requirements.

Identifies security violations, deficiencies, and inefficiencies through periodic audits and regular monitoring. Ensures authorized access by investigating improper access; revoking access; reporting violations; monitoring information requests by new programs; recommending improvements.

Arranges for and coordinates vulnerability and penetration testing activities.

Assist with any required auditing or audit readiness functions

Reviewing, making recommendations for improvement, documenting, and coordinating activities to maintain appropriate application security for both Commercial-Off-the-Shelf and for internally developed applications in alignment with best practices and any Industry standards.

Complete complex tasks spanning multiple domains

Collaborates with other IT teams to troubleshoot performance issues with Security tooling

Contributes to team effort by assisting and mentoring IT and Sec Eng teammates and works under minimal supervision

Provide oversight and management of Managed Service Providers where services and/or tools have been outsourced

Can marshal resources (people, funding, material, and support) to get things done; can orchestrate multiple activities at once to accomplish a goal; uses resources effectively and efficiently; arranges information and files in a useful manner

Authoritative, quick decision making within the defined span of control; focused on established systems and technologies; fact-based, solution-oriented, minimal risk-taking

Maintains technical knowledge by attending educational workshops; reviewing publications

Basic Qualifications:

B.S. degree in Security, Engineering, or Computer Science, a related field, or experience

9+ years of IT/Security experience

Proven ability to document Security SOPs, Policies and Standards

Strong communication skills, both written and verbal

Preferred Qualifications:

Understanding of Security frameworks, such as NIST, CIS

Working knowledge of various cybersecurity technologies, e.g., SIEM, IDS/IPS, AV, DLP, TVM

Splunk search, alert reporting, dashboarding experience, or equivalent experience with a log aggregation and reporting tool

Relevant IT / cyber security certification is desired, such as GIAC, CISSP, CISM, Security+, CEH, etc

Understanding of Server, Infrastructure and Endpoint configuration settings