Job Details

ID #46009263
State California
City San diego
Job type Permanent
Salary USD TBD TBD
Source ICW Group (Insurance Company of the West)
Showed 2022-09-26
Date 2022-09-25
Deadline 2022-11-23
Category Et cetera
Create resume

Information Security Manager (San Diego, CA)

California, San diego, 92128 San diego USA

Vacancy expired!

Are you looking for more than just a job? Do you want to have a voice and feel a sense of belonging? At ICW Group, we hire innovative people who consistently adapt, grow and deliver. We believe in hard work, a fun work environment, and embracing creativity that only comes about when talented people collaborate to develop solutions. Our mission is to create the best insurance experience possible.

Headquartered in San Diego with regional offices located throughout the United States, ICW Group has been named for seven consecutive years as a Top 50 performing P&C company offering the stability of a large, profitable and growing company combined with a small-company entrepreneurial spirit. Our purpose-driven ethos provides team members with opportunities to contribute, develop, and belong.

The Information Security Manager is responsible to direct a team of Information Security (IS) professionals in the development, implementation, and compliance of both technical security and technical risk management across the enterprise. This position will reinforce the overall security posture of the organization through proactively coordinating security measures to monitor and protect systems as well as deal with the threats. This role exists as an integral member in planning and executing the organization's information security strategy.

This is a

HYBRID role based out of

SAN DIEGO, CA.

WHAT YOU WILL DO

Manages risks related to information security, physical security, business continuity planning, crisis management, privacy, and compliance.
  • Assesses risks to mitigate potential consequences of incidents and develops plans to respond to incidents. Analyzes risks to minimize losses or damages, develops safety standards, policies, or procedures.
  • Directs or participates in emergency management and contingency planning. Ensures there are emergency response plans or procedures. Directs organizational operations, projects, or services.
  • Writes or reviews security-related documents, such as incident reports, proposals, and tactical or strategic initiatives.
  • Analyzes and evaluates security operations to identify risks or opportunities for improvement through auditing, review, and/or assessment.
  • Conducts threat or vulnerability analyses to determine probable frequency, criticality, consequence, or severity of natural or man-made disasters or criminal activity on the organization's profitability or delivery of products or services.
  • Ensure that the organization's data and infrastructure are protected by enabling the appropriate security controls.
  • Manages resource availability to continuously support the business through sustained operations.
  • Identifies areas for improvement, develops improvement program and monitors the implementation to increase process efficiency.
Ensures all staff members are trained on enterprise and industry-regulated security requirements through awareness programs.
  • Enhances the information security awareness program.
  • Develops and recommends information security policies and procedures.
  • Leads security training and communicates policies. Leads by promoting a culture of collaboration, continuous improvement, quality and accountability.
  • Develops evaluation framework to assess the strengths of the team and to identify areas for improvement.
Develops and leads a team of Information Security professionals.
  • Provides daily direction to IS team. Communicates Mission, Values, and other organization operating principles to direct and indirect reports.
  • Oversees the performance management and development process for the assigned IS team members and performs performance management duties, development planning and coaching for direct reports.
  • Manages assigned IS budget, technology and other resources, workload, and customer requests for IS services. Ensures adherence to all Company policies and procedures and Compliance responsibilities.
  • Ensures data quality, adherence to IT security guidelines, profitability and other risk-related metrics for self and members of the team.

SUPERVISORY RESPONSIBILITIES
  • Directly supervises employees within the IS team and carries out supervisory responsibilities in accordance with company policies and applicable laws.
  • these responsibilities include interviewing, hiring, and training employees; planning, assigning, and directing work; conducting performance and salary reviews; rewarding and disciplining employees; addressing complaints and resolving problems; coaching, mentoring, and developing team members to further their skills and knowledge; creating and monitoring development plans; setting performance expectations/goals; forecasting staffing needs and planning for peak times and absences; enforcing department policies and procedures.

WHAT YOU BRING TO THE ROLE
  • Bachelor's Degree in Computer Science, IT, or similar field required.
  • Minimum 5 years of experience in managing and leading IT Security teams.
  • Minimum 10 years of related IT and information security experience required.
  • Minimum 3-5 years of experience in AWS Cloud Security services preferred. Equivalent combination of education and experience may be considered.

CERTIFICATES, LICENSES, REGISTRATIONS
  • Professional certifications in Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), Certified Ethical Hacker (CEH), GIAC Penetration Tester (GPEN), and/or Security + preferred. AWS Certified Security-Specialty certification preferred.

KNOWLEDGE AND SKILLS
  • Experience with AWS Services such as AWS Identity & Access Management, AWS Organizations, AWS Security HuB, Guard Duty, CloudTrail, AWS CloudTrail.
  • Experience in cyber security with working knowledge of data analysis, risk assessment and mitigation, investigation methods, incident management concepts and practices, with background in intrusion detection and forensic analysis.
  • Possess technical ability to use and manage Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls & Log Analysis, SIEM, Network Behavior Analysis tools, Antivirus, Network Packet Analyzers, Malware analysis and forensics tools.
  • Knowledgeable in networking and proven experience in Windows and Linux environments, including Group Policy and Active Directory.
  • Demonstrable track record for taking initiative and getting things done under minimal supervision.
  • Knowledge of national regulatory compliances and frameworks such as ISO, SOX, HIPAA, and PCI.
  • Advanced in policy formulation, information security management, and business risk management.
  • Competent in IT risk assessment and management, IT continuity management, IT governance formulation, and organizational change management.
  • Working knowledge of IT financial management and IT audit.
  • Strong experience and detailed technical knowledge in security engineering, system and network security, authentication, and encryption protocols.
  • Detail oriented, strong analytic and problem-solving skills.
  • Strong organizational skills with the ability to juggle multiple projects/tasks at once.
  • Effective verbal/written communication and presentation skills, including an ability to communicate effectively with a diverse array of stakeholders.

COMPETENCIES

This position maps to the Manager level competencies. Additional competencies required: Leadership, Relationship Building, and Problem Solving.

#LI-JD1

#dice

Vacancy expired!

Subscribe Report job