Please email resumes to todd@zsgtalent.com

Cyber Security Manager

Position Details:

  1. Keep abreast of industry trends and current emerging risks.
  2. Develop and maintain a Cybersecurity-specific program in accordance with leading standards (i.e. NIST, CSF and ISO).
  3. Lead assessments of current security technology and authentication systems and evaluate against Federal and State Information Protection and Privacy regulations, Information Security Policies, and other relevant regulations pertaining to the protection of Enterprise Information assets with respect to information security.
  4. Develop and advance information security policies, standards and procedures in conjunction with the application and technology teams responsible for the day-to-day systems configuration and operation.
  5. Lead the assessment and review of new and existing technology infrastructure to identify key risk areas and ensure adequate levels of control are in place to address those risks, and develop risk mitigation techniques and processes to ensure that all reviews are actionable by the system manager and the operations staff.
  6. Lead the consultative process and advise personnel in IT departments to coordinate information security activities.
  7. Support Information Security Officer in Information Security activities as needed.
  8. Develop and lead activities supporting the IT Risk Management process such as data classification and security controls maintenance.
  9. Lead collaborative programs with personnel in IT and all business units to ensure that electronic data security is consistently implemented throughout the Enterprise.
  10. Update skills as necessary to support Information Security and remain knowledgeable of industry standards and advancements.
  11. Assist with the design and administration of Cybersecurity Awareness Training, including reporting.
  12. Assist with the coordination and remediation of found vulnerabilities.
  13. Develop presentations and other materials to communicate Cybersecurity initiatives to all staff and senior management.
  14. Provide vision and leadership to develop and execute on an enterprise information security strategy and roadmap. Align with enterprise business strategy, gain executive approval and support, and oversee successful execution.
  15. Develop and maintain practical and actionable information security policy and standards that reflect the needs of the business while keeping pace with changes in the business environment, technology and threats in order to effectively mitigate and manage risk to the business.
  16. Develop and maintain a highly qualified staff of information security professionals across the enterprise. Build and maintain executive relationships necessary for the successful execution of the information security program.
  17. Maintain accountability for responsible information security program governance through formal reporting to the Vice President of System Development and System Operations, service as Chair of the Information Security Working Group, non-voting participation on the Corporate Compliance Committee, and alignment with executive stakeholders.
  18. Develop and implement an information security risk profile that prioritizes risk and the investment and financial strategy required to mitigate those risks.
  19. Create and maintain security architecture for the enterprise and participate in the solution selection and process development.
  20. Develop security requirements for information technology infrastructure initiatives, selected enterprise applications and, as appropriate, review and approve security design of initiatives.
  21. Measure compliance with policy as part of assessing the overall security risk posture of the enterprise, and initiate programs to achieve and maintain an adequate security posture.
  22. Develop and maintain external and internal relationships to influence security policy, standards and programs and enhance secure interoperability with extended entities.
  23. Leverage information security investments to enhance business, administration and compliance processes.
  24. Develop and employ an ongoing information security communications, training and awareness program tailored to the evolving needs of the business and specific requirements of various user groups.
  25. Develop and make available a catalog of security services to support company and business unit security needs.
  26. Develop and maintain a responsive and effective information security incident response and management capability that will identify, contain and resolve information security incidents, meet compliance and reporting obligations, and uphold chain of custody and rules of civil procedure requirements.
  27. Provide an annual report to executive leadership on the information security risk posture of the enterprise.

City: Bethlehem
Province/State: PA
Job Type: Full-Time Regular