Manager Information Security
7 days ago
The Manager, Information Security is responsible to enable the company's business strategies, manage information technology risk, and drive business-as-usual regulatory compliance.
This position leads the assessment, documentation, audit, and continuous improvement of the company's compliance and risk posture and maturity as they relate to its information assets and technology supply chain.
The purpose of this position is to provide highly skilled technical and information security leadership, consulting, and expertise for the development and implementation of the information security risk management program.
Responsibilities require leadership and project management experience, as well as expertise to ensure effective system-wide security analysis; intrusion detection and incident handling; standards and testing; risk assessment; awareness and education; auditing; and development of policies, standards, and guidelines.
JOB RESPONSIBILITIES:
- Execute, maintain, and expand our information security compliance program.
- Drive the development and implementation of the system-wide risk management function of the information security program to ensure information security risks are identified and monitored.
- Lead PenTest projects including remediation plans
- Act as the Incident Response Coordinator for security investigations and incidents
- Assess, evaluate, and make recommendations to management regarding the adequacy of and options to strengthen the security controls for the company's information and technology systems and procedures.
- Drive compliance with the system-wide information security compliance program, ensuring IT activities, processes, and procedures meet defined requirements, policies, and regulations.
- Develop and implement effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation.
- Develop and maintain policy, standards, processes, and procedures to assess, monitor, report, escalate and remediate IT risk and compliance related issues.
- Work collaboratively with corporate compliance, internal audit, corporate risk management, and various technical teams in the design and implementation of audit, risk assessment and regulatory compliance practices for IT.
- Coordinate compliance work streams across multiple functional areas.
- Lead cross-functional projects teams in the development, implementation, monitoring and reporting of control processes, documentation and compliance routines.
- Advise IT and business executives on the status of technology risk and compliance issues based on assessment results and information from various monitoring and control systems.
- Educate IT and business executives on appropriate mitigation strategies and approaches.
- Provide oversight regarding audit, regulatory and risk management activities across IT functional areas, such as the development and maintenance of regulatory documentation (e.g., Sarbanes-Oxley Act compliance).
- Coordinate the IT component of both internal and external audits, federal and state examinations.
- Execute strategy for dealing with increasing number of audits, compliance checks and external assessment processes for internal/external auditors, PCI DSS, CFIUS, ITAR, HIPAA, NIST and FISMA
- Own Compliance policies and processes for data security and privacy (such as SOC2, GDPR, ISO27001 and more)
- Interact in both oral and written communications with all levels of IT staff, legal counsel, auditors, and technology vendors and contractors, in matters related to information security and security awareness materials.
- Coordinate work with Internal Audit, Legal, cross-functional stakeholders, and outside consultants as appropriate on required security and compliance assessments and audits.
- Coordinate and track all information technology and security related audits including scope of audits, functions/units involved, timelines, auditing agencies and outcomes. Work with auditors as appropriate to keep audit focus in scope, maintain excellent relationships with audit entities and provide a consistent perspective that continually puts the institution in its best light. Provide guidance, evaluation and advocacy on audit responses.
- Assess computer hardware, software, and systems for security risks or violations and work with IT staff and technology vendors to recommend solutions.
- Develop strategies to address awareness and training for all stakeholders as well as technical solutions.
- Must be able to assess the status of complex multi-location projects as well as identify and implement appropriate corrective measures to resolve issues as they arise.
- Must have a strong customer service orientation and the ability to project that attitude to customers in remote locations.
- Revise procedures and reports to identify hidden risks or non-conformity issues.
- Additional duties as assigned
Qualifications:
Qualifications
- Bachelor's Degree in Information Systems or related field; or an equivalent combination of education and experience sufficient to successfully perform the key accountabilities of the job required
- Advanced degree (MBA, Master's) preferred
- 8+ years progressive information security and compliance experience
- 5+ years in a leadership role (direct or indirect)
- Prior managerial/supervisory experience preferred
- In-depth knowledge of ecommerce and application development security practices and technologies
- Experience with hosted ecommerce platforms and systems integration
- In-depth knowledge of risk assessment and threat modeling methods, frameworks and technologies
Updated:
June 6, 2018
- Experience in assessing security architecture, data flows, and integrations
- Experience with a variety of information security systems and tools, such as Security Information and Event Management, Application Vulnerability Management, Infrastructure Vulnerability Management, Intrusion Detection/Prevention, Web Content Filtering, Anti-Virus/Malware and Data Loss Prevention
- Expertise in PCI and SOX requirements
- Ability to facilitate risk, business impact, control and vulnerability assessments
- Experience in implementing and maintaining security policies, processes, procedures and standards
- Experience with scripting and security automation
- Expertise in network infrastructure, including routers, switches, firewalls, and the associated network protocols/concepts
- High degree of proficiency MS Office Suite, Outlook & Internet applications
- Strong analytical, prioritizing, interpersonal, problem-solving, presentation, budgeting, project management (from conception to completion), & planning skills
- Strong verbal and written communication skills (including analysis, interpretation, & reasoning)
- Solid understanding and application of mathematical concepts
- Ability to develop and maintain collaborative relationships with peers and colleagues across the organization, as well as, internal and external clients
- Ability to work well autonomously and within a team in a fast-paced and deadline-oriented environment.
- Ability to work with and influence peers and senior management
- Self-motivated with critical attention to detail, deadlines and reporting
All your information will be kept confidential according to EEO guidelines.
GNC Holdings LLC is an Equal Opportunity Employer
Qualifications
- Bachelor's Degree in Information Systems or related field; or an equivalent combination of education and experience sufficient to successfully perform the key accountabilities of the job required
- Advanced degree (MBA, Master's) preferred
- 8+ years progressive information security and compliance experience
- 5+ years in a leadership role (direct or indirect)
- Prior managerial/supervisory experience preferred
- In-depth knowledge of ecommerce and application development security practices and technologies
- Experience with hosted ecommerce platforms and systems integration
- In-depth knowledge of risk assessment and threat modeling methods, frameworks and technologies
Updated:
June 6, 2018
- Experience in assessing security architecture, data flows, and integrations
- Experience with a variety of information security systems and tools, such as Security Information and Event Management, Application Vulnerability Management, Infrastructure Vulnerability Management, Intrusion Detection/Prevention, Web Content Filtering, Anti-Virus/Malware and Data Loss Prevention
- Expertise in PCI and SOX requirements
- Ability to facilitate risk, business impact, control and vulnerability assessments
- Experience in implementing and maintaining security policies, processes, procedures and standards
- Experience with scripting and security automation
- Expertise in network infrastructure, including routers, switches, firewalls, and the associated network protocols/concepts
- High degree of proficiency MS Office Suite, Outlook & Internet applications
- Strong analytical, prioritizing, interpersonal, problem-solving, presentation, budgeting, project management (from conception to completion), & planning skills
- Strong verbal and written communication skills (including analysis, interpretation, & reasoning)
- Solid understanding and application of mathematical concepts
- Ability to develop and maintain collaborative relationships with peers and colleagues across the organization, as well as, internal and external clients
- Ability to work well autonomously and within a team in a fast-paced and deadline-oriented environment.
- Ability to work with and influence peers and senior management
- Self-motivated with critical attention to detail, deadlines and reporting
All your information will be kept confidential according to EEO guidelines.
GNC Holdings LLC is an Equal Opportunity Employer
#J-18808-Ljbffr
-
Information Security Engineer
1 week ago
Pittsburgh, Pennsylvania, United States BNY Mellon Full timeInformation Security EngineerBring your ideas. Make history.BNY Mellon offers an exciting array of future-forward careers at the intersection of business, finance, and technology. We are one of the world's top asset management and banking firms that manages trillions of dollars in assets, custody and/or administration. Known as the "bank of banks" - 97% of...
-
Business Information Security Officer
1 week ago
Pittsburgh, Pennsylvania, United States Hispanic Technology Executive Council Full timeBusiness Information Security Officer (BISO), SVP Bring your ideas. Make history. BNY Mellon offers an exciting array of future-forward careers at the intersection of business, finance, and technology. We are one of the world's top asset management and banking firms that manages trillions of dollars in assets, custody and/or administration. Known as the...
-
Business Information Security Officer
1 week ago
Pittsburgh, Pennsylvania, United States BNY Mellon Full timeOverview Business Information Security Officer (BISO), SVP Bring your ideas. Make history.BNY Mellon offers an exciting array of future–forward careers at the intersection of business, finance, and technology. We are one of the world's top asset management and banking firms that manages trillions of dollars in assets, custody and/or administration. Known...
-
Business Information Security Officer
1 week ago
Pittsburgh, Pennsylvania, United States BNY Mellon Full timeBNY Mellon offers an exciting array of future-forward careers at the intersection of business, finance, and technology. We are one of the worlds top asset management and banking firms that manages trillions of dollars in assets, custody and/or administration. Known as the "bank of banks" - 97% of the world's top banks work with us as we lead and serve our...
-
Associate, Information Security Analyst I
1 week ago
Pittsburgh, Pennsylvania, United States BNY Mellon Full timeAssociate, Information Security Analyst I Bring your ideas. Make history. BNY Mellon offers an exciting array of future-forward careers at the intersection of business, finance, and technology. We are one of the world's top asset management and banking firms that manages trillions of dollars in assets, custody and/or administration. Known as the "bank of...
-
PPA - Unarmed Security Officer (PTBG - 2/PT)
7 days ago
Pittsburgh, Pennsylvania, United States U.S. Security Care Full time>> PPA - Unarmed Security Officer (PTBG - 2/PT) PPA - Unarmed Security Officer (PTBG - 2/PT) Summary Title:PPA - Unarmed Security Officer (PTBG - 2/PT)ID:1203Location:Pittsburgh, PAJob Type:Part-Time, UnarmedCompensation:$13.50hrShifts:Weekdays, Evenings/Nights, Weekends, Overnight, Mornings, AfternoonsDescription Primary responsibility is to ensure the...
-
Airport Security Guard
1 week ago
Pittsburgh, Pennsylvania, United States ACTS-Aviation Security Inc Full timeJoin a Global Leader in Aviation SecurityACTS-Aviation Security offers a competitive wage of approximately $19.06 per hour plus an additional $4.60 per hour (up to 40 hours per week) funded by ACTS to support the Local 32BJ Health & Welfare Fringe Benefit Fund, which includes Health Insurance, a Training Fund, & a Retirement Savings Benefit. Opting for...
-
Airport Security Supervisor
1 week ago
Pittsburgh, Pennsylvania, United States ACTS-Aviation Security Inc Full timeJoin a Global Leader in Aviation Security ACTS Aviation Security has immediate full-time opening for Aviation Security Supervisor at the Pittsburgh International Airport.ACTS offers competitive wages and benefits, including medical, dental and vision insurance, 401(k) with company match, and paid vacations and holidays. ACTS-Aviation Security, is a part of...
-
Security Staff Manager
3 weeks ago
Pittsburgh, Pennsylvania, United States PNC Full timePosition OverviewAt PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued, and have an opportunity to contribute to the...
-
Security Staff Manager
1 month ago
Pittsburgh, Pennsylvania, United States PNC Full timePosition OverviewAt PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued, and have an opportunity to contribute to the...
-
Security Staff Manager
3 weeks ago
Pittsburgh, Pennsylvania, United States The PNC Financial Services Group Full timeJob ProfilePosition OverviewAt PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued, and have an opportunity to contribute to...
-
Security Staff Manager
1 month ago
Pittsburgh, Pennsylvania, United States The PNC Financial Services Group Full timeJob ProfilePosition OverviewAt PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued, and have an opportunity to contribute to...
-
Pittsburgh, Pennsylvania, United States BNY Mellon Full timeJoin Us at BNY MellonAre you ready to bring your ideas and make history? BNY Mellon is a leading asset management and banking firm that handles trillions of dollars in assets, custody, and administration. Known as the 'bank of banks,' we have a rich history of over 239 years, setting industry firsts and leading the digital era.With approximately 50,000...
-
Security Staff Manager
1 week ago
Pittsburgh, Pennsylvania, United States PNC Full timePosition Overview At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to the...
-
Security Staff Manager
1 week ago
Pittsburgh, Pennsylvania, United States PNC Financial Services Group Full timePosition Overview At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to the...
-
Security Staff Manager
3 weeks ago
Pittsburgh, Pennsylvania, United States The PNC Financial Services Group Full timeJob ProfilePosition OverviewAt PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to...
-
Security Staff Manager
3 weeks ago
Pittsburgh, Pennsylvania, United States The PNC Financial Services Group Full timeJob ProfilePosition OverviewAt PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to...
-
Security Staff Manager
1 month ago
Pittsburgh, Pennsylvania, United States The PNC Financial Services Group Full timeJob ProfilePosition OverviewAt PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to...
-
Security Manager Sr
1 week ago
Pittsburgh, Pennsylvania, United States PNC Bank Full timeManages multiple teams focused on maintaining confidentiality, integrity, and availability of data, systems, and networks. Responsible for management and oversight of applicable security technology products for network, systems and data. Develops, im Manager, Security, Business Operations, IT, Banking, Information
-
Cyber Security Operations Manager
7 days ago
Pittsburgh, Pennsylvania, United States Dice Full timeDice is the leading career destination for tech experts at every stage of their careers. Our client, Swift Strategic Solutions Inc, is seeking the following. Apply via Dice today A technology services client of ours is looking for Cyber Security Operations Manager skills their ongoing projects. Below are the additional details of this role: Required...