Information Security Manager
Pearl River, New York
Syncsort is seeking an Information Security Manager to join our corporate IT department. This position is responsible for deploying and maintaining security policies, procedures, compliance and remaining current with new security laws and trends. The successful candidate will be a major contributor in enhancing Syncsort’s security posture internally and externally to ensure Syncsort can meet customer requirements.
General areas of responsibility include:
- Responsible for providing oversight, coordination and management of Information Security projects and day-to-day technical oversight and operational support.
- Serve as liaison/project manager for projects, such as Compliance, IT development issues, firewall review and hardening recommendations, etc.
- Perform technical security controls assessments and baseline validations to identify vulnerabilities and control deficiencies as part of continuous monitoring program.
- Lead the Incident Response team and maintain currency and training on IR.
- Information assurance sustainment activities (hardware/software change management, user account management, auditing, media protection, user interface, file transfers, etc.).
- System self-inspections, audit log reviews, secure baselines, and continuous monitoring.
- Prepare and conduct initial and annual general/privileged information awareness training.
- Conduct various actions related to cyber incident response, investigation, and resolution.
- Development, maintenance, and execution of effective, well-written, and customer compliant IA policies and procedures for various customer bases.
- Manage and assist Information Security vendor in day-to-day information security monitoring to identify and remediate information security risks, threats and vulnerabilities.
- Manage the implementation and administration of an Enterprise Security Program.
- Prepare status reports on security matters to develop security risk analysis scenarios and response procedures.
- Provide technical oversight of enhancements and tuning of Information Security monitoring tools to collect, integrate and correlate security events, establish operational threshold levels to establish relevant alarms and notifications, and ensure continuous functionality, availability and enhancement of the tools. Manage integration of these tools to standardize and enhance reporting. Evaluate cross functionality of the tools to determine possible consolidation opportunities.
- Provide Subject Matter Expert (SME) support for development and review of security configuration standards for operating systems, networking devices, application development, user access controls, Industry Regulatory compliance requirements, such as PCI/HITECH/HIPAA and other supporting platforms/systems.
- Assist sales teams with security questions on RFIs and act as a liaison for the IT team to customers and prospects.
- Minimum of seven (10) years in information security role, with three (3) years of managing information security or IT operations with deep technical knowledge and hands-on experience in information technology areas such as:
- Operating Systems Administration
- Networking Design/Administration
- Multi-tier Web Application Development
- Operational Support
- Implementation/Administration w/Information Security Tools
- Penetration Testing
- Information Security Incident Handling
- Information Security risk assessment, risk mitigation and incident response experience
- Must be detail oriented and have excellent analytical and creative problem-solving skills.
- Excellent understanding of the organization’s goals and objectives.
- Excellent listening, interpersonal, written, and oral communication skills.
- Proficient on MS Office Tools.
- Must be available to work onsite in Pearl River, NY daily.
- Bachelor’s degree in Computer Science / Management Information Systems with demonstrated and proven technical and operational management experience or equivalent experience.