Information Security Supervisor

Information Security Supervisor

MarketSource is a sales acceleration company focused on delivering better outcomes for many of the world’s most iconic brands. We design, operationalize, and execute managed sales and customer experience solutions for companies in B2B and B2C environments.

Our solutions are purpose-built and tech-enabled to deliver measurable improvements in business outcomes. We live by a set of people-focused values that guide our relationships with each other and with our clients. By putting people first, working together to make others successful, and establishing a rich and empowered work culture, we create opportunities for our people and the businesses we serve to be successful.

Summary

• Coach, develop, and mentor a team of analysts to achieve quality performance
• Respond to Information Security incidents.
• Respond to Legal and Executive requests for data gathering and analysis
• Document compliance requirements and reference those requirements to the source documentation (e.g. SOC 2, ISO 27001/2, NIST, PCI Compliance, HIPAA Compliance, etc.), depending on specific organization and/or client policies
• Perform the implementation, operation and maintenance of the Information Security Management System based on the industry series standards (e.g. SOC 2, ISO 27001/2, NIST, PCI Compliance, HIPAA Compliance, etc.), depending on specific client's business requirements.
• Act as a Champion for a “center of excellence” for information security management, for example offering internal management consultancy advice and practical assistance on information security risk and control matters throughout the organization and promoting the commercial advantages of managing information security risks more efficiently and effectively.
• Document and report assessment and audit findings to the Security Operations Manager.
• Collaborate with IS management, the corporate Legal department, safety and security, and law enforcement agencies to manage risks and security vulnerabilities.
• Collaborate with other IS groups to implement Information Systems policies, procedures, standards and guidelines.
• Lead recurring meetings on Information Security related topics and issues (i.e. data loss prevention, network proxy, firewall changes, policy exceptions, etc.).
• Lead collaboration efforts to document interpretations or clarifications of corporate policies and compliance documentation into measurable and actionable policies that can be monitored, enforced, and managed through process.
• Monitor and advise on Information Security issues related to the systems and workflow to ensure that the internal security controls are appropriate and operating as intended.
• Perform the operation of related compliance monitoring, auditing, and improvement activities to ensure compliance both with internal corporate policies and applicable laws and regulations
• Work Incidents and Requests from the Security ticket queue and then manage the queue while handling policy exception requests.
• Represent the Information Security role in the Change Management, Incident Management, Patch Management, and Problem Management processes.
• Answer information security questionnaires required by the customers of the Operating Companies.
• Conduct research in keeping abreast of latest information security issues.
• Prepare documentation, including policies, processes and procedures, notifications, Web content, and IS alerts.
• Actively participate in the IT security community to stay abreast of current standards and best practices.
• Maintain an industry-standard information security certification.
• Perform other related duties as assigned.

• Expertise in two or more technology domains (security, infrastructure, device, identity, applications, integration, and data).
• Understanding of “best practice” around enterprise security frameworks.
• Ability to translate complex technical terminology, concepts, and issues in terms understandable to both technical and non-technical management and staff.
• Ability to understand the long-term ("big picture") and short-term perspectives of situations/solutions.
• Ability to assist in diagnosing, isolating, and resolving complex problems pertaining to security infrastructure.
• Ability to assist in evaluating and recommending security technology/vendor agnostic solutions.
• Ability to assist with vulnerability assessments.
• Ability to utilize general office business equipment.

Job Requirements:

• Bachelor’s degree in the field of MIS, computer science, information systems or computer engineering
• Five years’ experience working with:
  • Information Security planning for a large, global organization.
  • Network, host, data, integration, and application access security in multiple operating system environments (Windows, Solaris, Linux, etc.).
  • Understanding of Information Security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail and access-lists.
  • Internet, web, application and network security techniques.
  • Leading firewall, network scanning and intrusion detection products and authentication technologies.
  • Federal/International regulations related to information security (FISMA, Computer Security Act, Safe Harbor, HIPAA, etc.).
• Four (4) in-office workdays per week and the option to work remote OR in office on fifth (5th) day

• Medical, dental & vision
• 401(k)/Roth
• Insurance (Basic/Supplemental Life & AD&D)
• Short and long-term disability
• Health & Dependent Care Spending Accounts (HSA & DCFSA)
• Transportation benefits
• Employee Assistance Program
• Time Off/Leave (PTO, Vacation or Sick Leave)