Information Systems Security Manager

The Information Systems Security Manager develops and manages information systems, cyber-security, including disaster recovery, database protection, and software development. Ensures that all applications are functional and secure. Maintains information security standards, best practices, architecture, and systems to ensure information system security.  

Essential Functions:

• Directs ongoing risk assessment programs for all new and existing systems, understands organizational goals and processes to develop effective controls for a strong security posture.
• Oversees all activities related to development, implementing, reviewing, and maintaining, company-wide information security policies and procedures.
• Reviews vulnerability and web application scans ensuring that cyber-security inspections, tests, and reviews are coordinated for the network.
• Documents initiatives related to System Security Plans, Risk Assessment Plans, Continuity of Operations Plans, Incident Response Plans, and Security Test and Evaluation standards.
• Reviews and recommends the installation, modification, or replacement of hardware or software components and any configuration change(s) that affects security.
• Ensures vulnerabilities are managed using direct periodic tests of critical systems and applications.
• Develops security awareness training and education programs and presents them to staff.
• Evaluates security incidents and determine the response(s) needed.
• Ensures a record is maintained of all security vulnerabilities.
• Conducts independent risk assessment of the information security and information technology programs.
• Provides updates, reports, and recommendations regarding standard methodology for information security and information technology controls, risk assessment, and risk remediation strategies.
• Promotes awareness of security issues and ensures sound security principles are utilized.
• Performs other duties as required.