Our client is seeking an Information Security Manager, an advanced security manager who will define and lead the information security program across the organization. This role will work with Information Services management and staff and client business owners to define and monitor security standards, best practices, and systems necessary to ensure the protection and confidentiality of informational assets.
The position is located in Austin, Texas, and the selected candidate must live within a commutable distance.
Duties/Responsibilities:
- Manage Information Security staff
- Define and manage the information security program across the enterprise
- Build and maintain a strategic information security plan
- Build and maintain a one-year rolling tactical plan
- Oversee the information security architecture and associated technical solutions
- Respond to escalated incidents and concerns as appropriate
- Manage vendor relationships and associated budgets
- Oversee third-party security assessments, including communications at the executive and board of trustees level
- Develop and document security-related policies and document standard operating procedures
- Communicate cybersecurity risks and recommendations to mitigate them
- Manage security tools and services to perform job duties
- Research and stay informed of information security threats, industry trends, emerging technologies, and best practices
- Work in an advisory role in application development or acquisition projects to assess security requirements and to ensure that security controls are implemented as planned
- Be an evangelist for information security at TMRS, including participation in security awareness events and other outreach initiatives within the client’s environment
Education and Experience:
- Bachelor’s degree in computer science, information security, or a related field, a minimum of 12 years of dedicated IT security experience, and 10 years of direct supervisory experience.
- Three years of experience with risk management and NIST, SOC, and other security frameworks.
- Experience in diagramming and flowcharting security architecture, networks, and processes from both technical and business perspectives.
- Experience with project management tools and methodologies.
Preferred: Certification in at least one of the following:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified in Risk and Information Controls (CRISC)