Information Security Manager
2100 Powell Street, 12th Floor Emeryville, CA 94608
Location: Emeryville, CA
Position: Information Security Manager
Terms: Direct Hire
Interview Process: phone screen(s); onsite interview(s)
Our client in the insurance industry is looking to hire an Information Security Manager. You will lead their security operations team and will be in a hands-on role. You will be tasked to perform security and risk analysis, vulnerability management, meet compliance requirements and maintain a secure environment.
- Leads the Security Operations team, trains team members and stakeholders through both formal and informal training programs and encourages team members to take responsibility for their professional development.
- Research and investigate measures that address data security risks and potential losses.
- Install, modify, enhance, and maintain data system security software including continued development and monitoring of the Data Loss Prevention (DLP) program.
- Participate in development and implementation of the appropriate and effective controls to mitigate identified threats and risks.
- Follow-up on detected security issues and implement solutions to reduce security risks.
- Support improved data security awareness and education throughout the enterprise.
- Responsible for staying abreast of the latest industry security practices, trends and technologies.
- Deliver services that meet regulatory specifications. Work with internal and external auditors to document and confirm that all security administrative duties are properly performed and report on overall compliance.
- Act as a member of the incident response team. Document and report the results of investigation of security breaches.
- Subscribe to threat notification networks, new regulations, and information sharing networks to stay current on requirements and new threats to the industry.
- Manage Information Security projects as assigned, including the evaluation of any new applications and/or vendors for IT security adequacy.
- Maintain all appropriate IT and IT compliance records as required by laws and by internal policies.
- Must be a persuasive leader with the ability to communicate security-related concepts to a broad range of technical and non-technical staff.
- Experience in Security Operation Center is a must have.
- Certification is required, such as CISSP or CISM in good standing.
- At least 2 years of experience in management.
- Possesses expert knowledge of Security Information and Event Management (SIEM) systems, Network Performance Management (NPM) Systems, Network Access Control (NAC), Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), Data Loss Prevention (DLP).
- Strong business writing, communication and presentation skills.
- Strong verbal communication skills.
Education: A Bachelor’ s degree in computer science or related field (or equivalent experience), minimum 5+ years of progressive experience in information security and financial services or banking industry.