Description:
TEKsystems is seeking an Information Security and Privacy Manager to advance the security posture of our systems & endpoints nationally. The role will develop, manage, and lead strategies, programs, tools, frameworks, and policies, as well as provide technical oversight, control, and governance activities for the information security and data privacy programs. This candidate should be a strategic thinker with an open and collaborative style that fosters teamwork and provides achievable risk-reduction solutions that meet Harrington's mission, goals, and objectives.
• Leads the development and oversight of required corrective action plans relating to security risks and compliance requirements.
• Implements procedures and methods for auditing and addressing non-compliance to information security standards.
• Leads and directs day-to-day efforts with the outsourced Security Operation Center (SOC) and incident investigation team.
• Evaluates information security and privacy risks of key technology security initiatives within the context of jurisdictional requirements.
• Investigates and resolves cyber incidents and collaborates with information technology team members to implement remediation.
• Works with 3rd party cyber providers to review priorities, problems, alerts and root cause resolutions.
• Aligns with 3rd party cyber providers on tuning of tool sets including EDR, SIEM, Vulnerability Management and other tools.
• Aligns with metric-based measurement of progress and provides input into executive dashboards regularly.
• Builds and fosters strong relationships and collaborates closely with peers and partner groups in Corporate.
• Manages security compliance assessments and controls testing and oversees remediation of control failures.
• Leads IT, OT, and IoT security projects and provides topic subject matter expertise.
• Supports engineering efforts to improve and secure processes including external integrations with customers and suppliers.
• Identifies areas for improvement and gaps against industry benchmarks, regulations, and leading practices.
• Advises management on cost/benefit analysis of security programs, risk levels, security posture, policies, processes, systems, and elements.
• Oversees and manages security and privacy awareness training and awareness program governance and compliance.
• Provides information security program/project delivery management and performs relevant metrics collection and reporting.
• Develops and reviews relevant policies, standards, and procedures.
• Performs cyber security incident response planning and testing governance and oversight; acts as the designated incident response commander.
• Develops and governs the third-party service provider/vendor risk management program.
• Provides disaster recovery planning and testing governance and oversight; acts as the integration point with organization-wide business continuity planning.
• Coaches and mentors associates on matters related to information security and data privacy practices.
Requirements:
• Bachelor of Science or higher
• 5-8+ years leading/managing information security and privacy projects and teams
• Experience adopting and implementing risk management, cyber security, and compliance frameworks (e.g., ISO 27000-series, NIST-CSF, Swiss Data Protection Act, EU GDPR, GxP)
• Understands business requirements and applies security without adversely affecting the desired functionality.
• Extensive experience working within OT/IoT/ICS environments.
• Knowledge of any security standard, e.g., IEC 62443/ISA 99, NIST SP 800-82, NERC CIP.
• Manages and helps prioritize competing priorities while maintaining organized and detailed reporting of status and progress.
• Possesses broad knowledge of both information technology and computer security issues, requirements, trends, and industry practices.
• Maintains professional and technical skills/knowledge by attending educational workshops, reviewing professional publications, establishing personal networks, and participating in professional societies.
• Possesses outstanding oral and written communication skills in English.
Skills:
Security, Information security, Audit, SOC, IT audit, Cloud, Risk assessment
Top Skills Details:
Security, Information security, Audit
Additional Skills & Qualifications:
Blue collar type working environment.
Work directly with the CEO for security risk and IT protection.
Experience Level:
Expert Level
About TEKsystems:
We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.
The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
Applicants with disabilities that require an accommodation or assistance applying for a position, please call 888-472-3411 or email [email protected]. This is a dedicated line designed exclusively to assist job seekers whose disability prevents them from being able to apply online. Messages left for other purposes will not receive a response.