IT Security Manager
About the position
Responsibilities
• Work with the executive and business managers to align the Information Technology organization with business unit security and compliance needs.
• Acts as a technical consultant for the enterprise, ensuring security design for systems align with business needs, architecture and technical standards.
• Develop, institute and maintain an Information Security Strategy Roadmap for all Security Technology domains with input on the strategic direction from the architecture team.
• Create and maintain the enterprise’s security documents (policies, standards, baselines, guidelines and procedures).
• Ensure current cyber and data security services encompass the enterprise including new product development, data governance and digital programs.
• Lead and coordinate incident response to problematic security and data activity, ensuring timely resolution and provide on-going communication with senior management.
• Run the design and execution of vulnerability assessments, penetration tests and security audits.
• Ensure regular security awareness and data handling training for all employees to ensure consistently high levels of compliance with enterprise security documents.
• Conduct/participate in data privacy risk assessments and implement mitigation measures.
• Oversee and ensure security and data privacy requirements for third-party vendors.
• Classify and evaluate enterprise data assets in conjunction with the Data Governance team.
• Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers and other systems and in databases and other data repositories.
• Prepares system security reports and KPI by collecting, analyzing, and summarizing data and trends to track and measure the enterprise’s risk posture.
• Responsible for establishing and leading a high-performance team of security professionals that oversees the proper deployment, configuration, and administration of the security and identify management systems. Approximate # of direct reports – 4
• Plan and manage IT Security budget to improve security posture and ensure effective budget utilization.
Requirements
• College diploma or university degree in the field of computer science and/or 5 years equivalent work experience.
• Strong problem solver with excellent oral and written communication skills.
• Possess the ability to interact with a variety of diverse people in a complex environment.
• Specific knowledge of risk management principles and models.
• Experience in audit of legislative and/or regulatory compliance.
• Strong knowledge of corporate level security systems and implementation procedures, corporate and government security regulations, security software products, domain structures, user authentication, user profiles, and digital signatures.
• Excellent understanding of cloud security and experience with design and/or implementation of applications in the cloud.
• Extensive knowledge of technical security controls and technologies (e.g. IDS, IPS and Web Application Firewalls; Data Loss Prevention (DLP); Antivirus, Anti-malware and Zero Day protections; Security Information and Event Management (SIEM); Identify and Access Management and Privileged User Management; Public Key Infrastructure and Certificate management).
• Working conditions associated with normal office environment.
• Ability to operate standard office equipment (e.g., computer, telephone, copier, printer, etc.).
• Ability to effectively communicate in both small and large groups and settings.
• Ability to traverse between multiple locations in Ohio and Pennsylvania as needed.
• Ability to safely and successfully perform the essential job functions consistent with the ADA, FMLA and other federal, state, and local standards, including meeting qualitative and quantitative productivity standards.
• Ability to maintain regular, punctual attendance consistent with the ADA, FMLA and other federal, state, and local standards.
Nice-to-haves
• One or more certifications in CISSP, CISA, CISM, CIPM or CIPT is preferred.
Benefits
• Swagelok provides a comprehensive package of valuable benefits called Total Rewards focused on health and wellness, compensation, retirement planning, and supplemental rewards.
Apply tot his job
Apply To this Job