Senior Manager Of Information Security

Exponent, Inc. Phoenix , AZ 85002

Posted 2 weeks ago

Exponent is a leading engineering and scientific consulting firm. Our multidisciplinary team of scientists, engineers, physicians, and regulatory consultants brings together more than 90 different disciplines to solve complicated problems facing corporations, insurers, government entities, associations and individuals. Our approximately 1000 staff members work in 26 offices across the United States and abroad. Exponent has over 800 consultants, including more than 500 that have earned a doctorate in their chosen field of specialization.

Exponent is seeking a Senior Manager of Information Security for our Phoenix, AZ, Menlo Park, CA or Natick, MA office. The Senior Manager of Information Security will be the leader of Exponent's InfoSec program. The primary responsibility for this position is to ensure that all corporate, employee, client, and third-party vendor data that Exponent controls or processes is protected, safe and secure. This individual will be responsible for leading a team that will design, build, implement, and maintain our information security program.

This opportunity requires strong technical competency and a proven managerial track record to build an efficient and effective information security program. The ideal candidate will be versatile and comfortable with technical challenges as well policy decisions.

Key responsibilities include:

  • Design, develop, monitor and maintain a standards-based Enterprise Information Security Program

  • Lead and scale InfoSec in accordance with the requirements of the company

  • Be the InfoSec subject matter expert, whether working with internal stakeholders or collaborating with our clients

  • Develop, maintain and enforce InfoSec policies, procedures and security metrics

  • Manage the implementation and automation of Enterprise standard security systems and software including but not limited to IDS/IPS, SIEM, HIDS, Vulnerability Scanners, Web Application Firewalls, Threat Monitoring and Detection

  • Manage internal and external security/risk assessments and programs as well as penetration testing, vulnerability management etc.

  • Collaborate with audit, compliance, and privacy stakeholders within the company

Qualifications for this position include:

  • B.S./B.A. degree and at least 10 years of relevant work experience in IT and/or InfoSec required

  • Previous security leadership experience

  • Excellent communication skills and ability to document and explain technical details clearly and concisely to multiple audiences in the company

  • Expertise in at least one pillar of information security, as defined by CISSP

  • Experience in building and scaling a well-rounded security program based on NIST or ISO controls

  • Familiarity with current regulatory requirements: GDPR, HIPAA, PCI, CSSP

  • Thorough understanding of the current threat and attack landscape, latest security trends and principles

  • Previous project management or audit experience preferred

  • Security certifications such as CISSP, OSCP or CISM are preferred

We are an Affirmative Action, Equal Employment Opportunity, Veterans and Disabled Employer.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Information Security Engineer 3

Choice Hotels

Posted 1 week ago

VIEW JOBS 3/17/2019 12:00:00 AM 2019-06-15T00:00 Information Security Engineer 3 In the hospitality industry, people matter. That's why here at Choice we're always looking for exceptional people - people who will challenge us, make our team stronger, smarter and more complete. People who know how to roll up their sleeves and tackle the job at hand; who go the extra mile to get the job done - and done well. At Choice we are looking for employees to connect the world through the power of hospitality - and we offer support, training and a collaborative workplace atmosphere that makes us a great place to bring together people, brands, and technology that enable success. Who are we looking for? Maybe it's you. The role… The Information Security Engineer 3 provides technical expertise on security technologies, configuring security alerts, reporting, and incident response activities to protect Choice customers, franchisees, and our business from information security threats. Reports directly to Information Security Manager and has no direct reports. What you will do… * Configure and assesses alerts and reports to: * Identify and respond to Information Security threats * Perform incident response activities as necessary * Review and assess firewall and other system design requests for adherence to best practices. Participate in the design of new systems. * Maintains security technologies such as SIEM, FIM, WAF across Choice systems and networks. * Assist in the development of standards and selection criteria to identify appropriate security solutions to support strategic operational needs and security requirements * Evaluates proposed changes that effect the technology environment to identify potential security gaps and recommends mitigating controls or options to include partnering with other teams to perform security testing * Assess the production environment on an ongoing basis to ensure that it remains compliant with external regulations and Choice Hotels Information Security Policies and Standards Skills you have… Education, Experience and Knowledge * Bachelor's degree (B.A.) or equivalent; or four years related experience and/or training; or equivalent combination of education and experience. * Minimum of 8 years professional Information Technology experience. * Minimum of 4 years professional Information Security experience. * Previous experience implementing and maintaining security technologies such as FIM, WAF, SIEM, IDS, etc. Skills * Excellent verbal, written and listening communication skills * Superb customer service skills * Exemplarily interpersonal skills necessary to interact effectively with team members, project managers, developers, engineers, vendors, users and business analysts as well as executive and senior management Abilities * Able to work under pressure and balance work load to ensure measurable progress on multiple high priority projects. * Ability to manage and prioritize multiple assignments supporting business as usual, user requests as well as special projects. * Able to work both independently as well as collaboratively achieving results within established timeframes with minimal supervision. * Ability and willingness to work long or late hours, based on system release and/or network update schedules * Must be able to uphold Choice's Values & Performance Principles of collaboration, performance excellence, sense of urgency, openness to new ideas, inclusion & diversity, integrity, customer focus, and respect. PREFERENCES * Information Security certification (CISSP, GCIH, CompTIA CASP+, OSCP, CEH, AWS Certified Security) * Previous experience in penetration testing, network engineering, or systems administration * Proficiency in scripting (Perl, Python, etc.) * Experience with AWS secure architecture design and AWS security tools Must be able to uphold Choice's Values & Performance Principles of accountability, collaboration, performance excellence, sense of urgency, innovation, inclusion & diversity, integrity & trust, customer focus, and respect. Choice Hotels Phoenix AZ

Senior Manager Of Information Security

Exponent, Inc.