Search jobs > San Francisco, CA > Information security

Sr Manager Information Security

Highering LLC
San Francisco, California, US
Full-time

Information Security threat landscape continues to remain increasingly complex and requires constant vigilance to secure a large, global enterprise.

The Sr. Manager Information Security & Risk Management (ISRM) will report directly to the CISO. This position will collaborate with various stakeholders within IT, Legal, HR, and business units to create and maintain information security strategy & roadmap.

The Sr. Manager Information Security will help architect and implement security solutions to enable business processes while ensuring that confidential information remains secure under corporate control.

This position will work on assessing the security controls of new & existing applications & processes and oversee the incident response process.

The Sr. Manager Information Security will work with software & product security groups and external experts to enhance the security posture of software & products.

This position will work closely with executives, business managers, and IT to communicate the importance and need for enhanced security controls.

Check all associated application documentation thoroughly before clicking on the apply button at the bottom of this description.

Principal Responsibilities

  • Work with CISO and management to develop an information security vision and strategy that is aligned with organizational priorities and enables business objectives
  • Develop, implement and monitor a comprehensive information security program to protect the organization
  • Manage the budget for the information security function
  • Work with Legal and HR to develop, implement and monitor a comprehensive data loss prevention program
  • Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action
  • Work with IT, Legal, HR, and business units to facilitate security risk assessment & risk management processes and ensure that residual risk is in line with company’s risk tolerance
  • Develop, implement, and maintain security assessment processes & tools to review the security controls in on-premise and cloud-based applications
  • Evaluate the impact of cloud applications on the overall Enterprise Architecture as it relates to information security
  • Ensure that security is embedded in the project delivery process by providing appropriate information security policies, procedures, and guidelines
  • Understand the impact to security and IP Protection for mobile platforms and networks and make recommendations for maintaining a secure mobile environment
  • Work with Computer Security Incident Response Team (CSIRT) to manage & contain information security incidents and events to protect company IT assets, Intellectual Property, and company’s reputation
  • Develop and implement Red Team and Penetration Testing process
  • Manage the vulnerability assessment & management and patching process
  • Conduct cybersecurity tabletop exercises to improve response capabilities
  • Work with internal stakeholders to manage customer & government audit requests
  • Work with data privacy officer and privacy team to ensure that data privacy requirements are included where applicable
  • Provide regular reporting on the current status of information security program to management
  • This position may require traveling up to 24% of the time

Qualifications

  • BA / BS in Information Technology or related field from an accredited university
  • Minimum of 10 years of experience in a combination of information security, risk management, security review, and incident response
  • Professional security management certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar certification
  • Knowledge of common information security management frameworks, such as ISO / IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework
  • Proven track record and experience in executing information security & intellectual protection programs in a global environment
  • High degree of competence with Microsoft Office Productivity Applications
  • Ability to assess, validate and incorporate new tools, practices, strategies,and process to gain efficiencies in the areas of cybersecurity & intellectual property protection
  • Sound knowledge of business management and a working knowledge of information security risk management and cyber security technologies
  • Experience with data loss prevention and digital rights management applications, practices, principles,and strategies is especially helpful
  • Must have experience in participating and managing customer & government audits
  • Demonstrated experience in managing information security in a large, global company
  • Experience in manufacturing and R&D environments
  • Poise and ability to act calmly and competently in high-pressure, high-stress situations
  • High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity
  • Ability to motivate the information security team to achieve tactical and strategic goals, even when only dotted line reporting lines exist
  • Adaptable, innovative, and detail oriented
  • Disciplined to solve complex problems with the ability to solve issues and drive solutions that solve business problems
  • Excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives
  • Excellent written, verbal, presentation, and interpersonal communication skills
  • Experience in presenting to large groups

et bloom inline optin id optin 1

Tagged as : Analytics, CISA, CISM, CISO, CISSP, Cloud, COBIT, Cybersecurity, information security, ISO / IEC 27001, ITIL, NIST

J-18808-Ljbffr

6 days ago
Related jobs
Promoted
PWC
San Francisco, California

Accounting, Accounting & Finance, Accounting & Technology, Business Administration/Management, Computer and Information Science & Accounting, Economics and Finance, Economics and Finance & Technology, Management Information Systems, Management Information Systems & Accounting, Ec...

Promoted
Docusign, Inc.
San Francisco, California

The Trust and Security organization is looking for a passionate, self-driven product manager that will help to enhance and enable Docusign to expand and protect the brand by maturing a global portfolio of information security services, tools and product capabilities. As a member of the team you will...

Promoted
CloudFlare
San Francisco, California

Manager, Security Customer Assurance. Review security clauses in contracts; advise on Cloudflare’s security posture and ensure contracts accurately reflect our measures. Manager of Customer Assurance, you'll have the opportunity to develop, mature and operate a global customer assurance function. Th...

Promoted
Cloudflare, Inc.
San Francisco, California

Review security clauses in contracts; advise on Cloudflare's security posture and ensure contracts accurately reflect our measures. Manager of Customer Assurance, you'll have the opportunity to develop, mature and operate a global customer assurance function. This role will work directly with our cu...

Promoted
Databricks Inc.
San Francisco, California

Support Security Software Engineers in their career development by providing clear feedback and developing security leaders. The Detection & Response team's mission is to protect Databricks products, cloud infrastructure, endpoints and employees from security threats and modern attacks. We are a tea...

Promoted
Apple Inc.
San Francisco, California

As a Senior Program Manager, you will lead program management efforts for Search and Information in Siri, Spotlight, and Safari. We’re looking for a strong Engineering Program Manager with a proven track record of building and maintaining sophisticated software platforms, tools and processes that de...

City National Bank
San Francisco, California

MANAGER, INFORMATION SECURITY III WHAT IS THE OPPORTUNITY? The Information Security Manager III is a key senior leadership role in the Information Security program. The Information Security Manager III has an established record of accomplishment, demonstrates subject area mastery and leads a functio...

95-2566122 First American Title Insurance Co
G,California Home

The Information Security Endpoint Engineering Manager will manage a group of talented Information Security Engineers who build and deploy solutions to protect First American’s technology and data. CISSP (Certified Information Systems Security Certified Professional), CISA (Certified Information Syst...

Live Nation Worldwide, Inc.
Remote, California,
Remote

Reporting to the [VP Product & Tooling], you will be a part of a global, dedicated multi-disciplinary team of passionate information security and privacy professionals. Working with internal business experts, internal / external consultants, and owners of products throughout the Live Nation ecosyste...

Apple
San Francisco Bay Area, California

As a Senior Program Manager, you will lead program management efforts for Search and Information in Siri, Spotlight, and Safari. We’re looking for a strong Engineering Program Manager with a proven track record of building and maintaining sophisticated software platforms, tools and processes that de...