Encore Schiller Park , IL 60176
Posted 2 weeks ago
Position Overview
The Manager of Information Security will collaborate with the leadership team to create a Security strategy, vision, road map, as well as design and lead a Security program. The Manager will own and lead the delivery of a broad range of security initiatives and objectives across the organization.
This leader will be responsible for assuring Information Security and identifying risks related to the use, processing, storage and transmission of information and the systems and processes used for those purposes. In addition, this person will assist in identifying, analyzing, influencing the management of information risks across the organization, and will be involved in the architecting of solutions. This position reports into the Director, Network Services.
Key Job Responsibilities
Security Services Growth
Shape security architectures for existing and proposed technologies
Partner with the internal stakeholders on the security risk program with a focus on Governance, Risk and Compliance
Facilitate the documentation of the Security issues, perform Security/Cyber Risk analysis, evaluate the findings from the analysis, draw conclusions and formulate strategic recommendations
Determine what tools and solutions should be maintained internally vs. leveraging third party solutions
Conduct analysis of log data, data correlation and device analysis
Assess and monitor information security risks on new and existing IT projects
Security Services Maintenance
Make recommendations to upper management on strategies to strengthen the overall IT environment and internal controls as well as ways to drive security awareness throughout the organization
Oversee, manage and provide reporting from the Next Generation Firewalls (NGF)s, Anti-Virus, Malware, Security Information and Event Management (SIEM), Intrusion Detection / Prevention (IDS/IPS), Domain Name Services (DNS), Vulnerability scanners, and other security solutions that comprise the Security Architecture of the organization.
Partner with infrastructure team on vulnerability assessment and remediation.
Research attempts to compromise security protocol and recommend solutions.
Security Monitoring and Incident Response
Recommend and validate information security controls and guidelines to ensure compliance with the Information Security program.
Facilitate IR tabletop exercises
CSIRT lead during an event
Maintain Security Documentation and Process
Support the annual PCI recertification efforts and other assessments
Ensure compliance with regulations and privacy laws
Planning security backup and system disaster recovery?
Partner with the Sales organization to respond to RFPs
People Development
Provide management, guidance and mentorship including selection, motivation, performance management, salary administration, progressive discipline, training and development and strategic human resources planning.
Implement and cultivate a team environment that focuses on service levels, customer satisfaction, and productivity.
Promote and drive professional development and training efforts to improve overall business acumen, technical knowledge and project management.
Foster an environment that empowers employees to make positive decisions while maintaining accountability for actions and results.
Job Qualifications
Bachelors Degree or equivalent experience
3+ years in Red/Blue team
2-3 years managing a security operations center
Deep knowledge and understanding of Security trends and strategies for identifying Security solutions to meet the company's needs across the business
Provide leadership with current and relevant information on different threats and security vulnerabilities that the organization may face, to ensure there are solutions in place to mitigate those risks; translate risk impact to business acumen
Prior experience delivering and managing Information Security programs, ideally with one or more of the following: IT Security Strategy; IT Security Operations; Security Training and Awareness; IT General Controls Compliance Cybersecurity; Data Privacy and IT Risk
Hands-on experience using intrusion detection tools and services as well as vulnerability management tools and services
Experience conducting analysis of log data, data correlation and device analysis
Ability to successfully build, develop and maintain strong relationships across the organization in efforts to drive awareness, adoption and on-going participation
Highly self-motivated; able to work independently and as a team member
Competencies (by Core Values)
Analytical Thinking
Integrity
Innovation
Exceeds Customer Expectations
Organizational Savvy
Communication
Teamwork
Office
Work is performed primarily in an office environment. Working times may include irregular hours and on-call status including days, evenings, weekends and holidays. Team members must adhere to appearance guidelines as defined by Encore based in an office environment and when traveling, on an individual venue or a representation of venues in that city or area.
The above information on this description is not necessarily an exhaustive list of all responsibilities, duties, skills, efforts, requirements or working conditions associated with the job. While this is intended to be an accurate reflection of the current job, management reserves the right to revise the job or to require that other or different tasks be performed as assigned.
#INDCORP
Encore