SECURITY & COMPLIANCE MANAGER #001

SECURITY & COMPLIANCE MANAGER #001

Vacancy expired!

Position: SECURITY & COMPLIANCE MANAGER
Duration: 1 years
Location: Montgomery AL

Examples of Work:

• Supervises the work of security and compliance staff, to include recruiting, hiring, training, developing, and evaluating progress of staff as well as fostering collaboration among team members by addressing elements that could impede the group from reaching its goal.
• Supervises the conceptualization, design, development, and implementation of solutions for difficult and complex security domains.
• Supervises projects that may span a broad range of security domains and/or require expertise in multiple technical environments; manages vendor relations in relation to assignments.
• Leads or participates in project planning processes; creates development estimates and operational requirements to determine realistic project timelines.
• Engages, or participates, in long-term strategic planning.
• Serves as liaison between end users, security and compliance staff, project managers, and others in planning and building security solutions.
• Works with supervisors in other technical disciplines to ensure security measures work seamlessly within other environments.
• Performs related work as assigned.

Compensable Factors:

• Graduation from an accredited four-year college or university with a bachelor's degree in computer science, mathematics, engineering, or a closely related field.
• Extensive progressively responsible experience in complex security and compliance analysis work in more than one recognized information security domain including considerable experience as a supervisor.

IS & GRC Role:

• The Information Security Leader is responsible for developing and managing cyber security, including disaster recovery, database protection and software development.
• The IS Leader manages security analysts and engineers to ensure that all environments and information are secure.
• The IS Leader assesses security plans for existing vulnerabilities, prioritize security strategies to best cover strategically important data, analyze threat monitoring systems reports.
• Manage and maintain solid working relationships with key service providers.

IS & GRC Key Attributes:

• Prior experience building and leading incident response and vulnerability assessment teams.
• Understands emerging cyberthreat landscape, including threat tactics. Techniques. And procedures.
• Ability to translate SOC and SecOps Engineering services into business impact for IS and broader OIT / Agency Leadership.

Notes from meeting with the client

This is a NEW team
This team will be responsible for 24x7 operations
The are using a MSSP to manage 1st level triage
Leadership skills are important (A person who was in a team lead position MAY be able to fill the role id they have had experience with the below)
This role will be responsible for scheduling people
Counciling people
Delegating work
Helping guide the team
Should have had hands on experience but on this project on 10-15% will be hands on they should be delegating the hands on work to others.
But They need to be able to "Talk the Talk and Walk the Walk"
They will coordinate all activities
Team will actively manage the environment there will eventually be 13 members on the team
Certifications desired CISSP, CAN
Tools on the project include:
Splunk (MSSP is configuring it)
Endpoint
Fortinet
Fortigate
Pulse Secure
Web Sense
Tensible SC
Firewall
Sim filtering
Proof Point
Secure Plus
Cisco umbrella
Cisco amp