Information Security Manager of Operations

TCI has an immediate need for an Information Security Manager of Operations in Frankfort, KY. This is not a C2C opportunity .

This is a long-term contract opportunity with probable extensions.

Note : This position requires US Citizenship or Permanent Residence.

SUMMARY

The Information Security Manager of Operations will be responsible for overseeing and managing the day-to-day activities related to information security, playing a crucial role in ensuring the confidentiality, integrity, and availability of systems and data.

This position requires strong leadership skills, technical expertise, and a deep understanding of information security principles and best practices.

RESPONSIBILITIES

Security Operations Management

• Lead and managed the security operations team responsible for monitoring, detecting, and responding to security incidents.
• Develop and implement security policies, procedures, and standards to maintain a secure operating environment.
• Conduct regular security assessments, vulnerability scans, and penetration tests to identify and address potential security risks.
• Ensure compliance with relevant regulations, standards, and frameworks (e.g., GDPR, ISO 27001, NIST).

Incident Response and Management :

• Develop and maintain an incident response plan to mitigate security incidents effectively.
• Lead incident response activities, including containment, eradication, and recovery efforts.
• Coordinate with internal teams and external stakeholders to investigate security incidents and implement remediation measures.

Security Monitoring and Threat Intelligence :

• Oversee the implementation and management of security monitoring tools and technologies.
• Monitor security events and alerts to identify potential security threats and vulnerabilities.
• Stay informed about emerging threats and trends in cybersecurity through threat intelligence feeds and industry publications.

Security Awareness and Training :

• Develop and deliver security awareness training programs for employees to promote a culture of security awareness.
• Provide guidance and support to employees on security best practices and procedures.

Risk Management :

• Conduct risk assessments to identify and prioritize security risks to the organization.
• Develop risk mitigation strategies and controls to reduce the likelihood and impact of security incidents.
• Monitor and report on the effectiveness of risk mitigation efforts.

Vendor and Third-Party Risk Management :

• Evaluate the security posture of third-party vendors and service providers.
• Establish security requirements and standards for vendor contracts and agreements.
• Monitor and assess the security practices of vendors and third parties to ensure compliance with established standards.

REQUIREMENTS

• Minimum of 5 years of experience in information security, with at least two years in a management or leadership role.
• Bachelor's degree in computer science, Software Engineering, or a related field (equivalent professional experience may be considered for substitution for the required degree on an exception basis).
• One or more of the following certifications are a plus :
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Information System Auditor (CISA)
• Other relevant certifications preferred.
• Understanding information security regulations, including the Federal Information Security Management Act (FISMA), Federal Risk and Authorization Management Program (FedRAMP), ISO 27001, COBIT NIST, and ITIL.
• Maintaining security, assessing and evaluating security, and doing security incident forensic work.
• Experience with Government agencies, particularly the Department of Defense (DoD), on information security matters. Experience with Government Classified systems and the associated security requirements.
• Proficiency in Microsoft Office Suite (Word, Excel, Outlook, etc.)
• Basic network security knowledge (general principles).
• Excellent documentation and communication skills.
• Ability to organize tasks into milestones and successfully execute to project completion.
• Can work independently with little direct supervision.
• General cyber-security understanding.
• Position is on-site in Frankfort, KY with some opportunity for hybrid work schedule.
12 hours ago