Information Security Lead in Atlanta, GA at Prestige Staffing

Date Posted: 8/12/2019

Job Snapshot

  • Employee Type:
    Full-Time
  • Location:
    Atlanta, GA
  • Job Type:
  • Experience:
    Not Specified
  • Date Posted:
    8/12/2019

Job Description

JobID: 23175

Information Security Lead

The Information Security Lead is responsible for managing all aspects of our client's Cyber Security Program and will serve as the primary point of contact within our client's company for all security related items and issues. The Information Security Lead will be responsible for researching, testing, training and implementing the parent company's Enterprise Security Policies to safeguard critical information from any possible breaches.

Primary Duties:

  • Implement designated security controls on critical items (applications, assets, and data) in accordance with client's Security Policies and Standards.
  • Monitor, maintain, and report compliance with client's Enterprise Security Policies, and Standards to the client's Director of Global GRC.
  • Ensure that all security risks and findings (e.g., vulnerability scanning, penetration testing, risk assessments, etc.) are remediated in accordance with the established client’s Security Policies and Standards.
  • Ensure that software patches are installed in accordance with the established client’s Security Policies and Standards.
  • Establish holistic Incident Management process within SP Richards, including notification protocols to client’s Enterprise Security.
  • Create Incident Response run books and conduct training exercises in accordance with client’s Security Polices and Standards.
  • Establish holistic Risk Management process within client company and ensure alignment with parent company’s Security Policies and Standards.
  • Ensure Regulatory Compliance (e.g. PCI and GDPR)  as appropriate and provide regular updates and status to the client’s Director of Global GRC
  • Provide timely reporting (Monthly and Quarterly) to client’s Enterprise Security & SP Richards leadership (President and CIO) as prescribed by client’s Enterprise Security.
  • Ensure security requirements are embedded in client’s processes including but not limited to change management, configuration management, software development life cycle, and asset management.
  • Provide ongoing security awareness training to all employees within our client. 
  • Identification and protection of critical business processes, applications, data, and assets
  • Work with the Director of Global Cyber Defense to ensure that the client’s projects, applications, and infrastructure are reviewed and in compliance with the parent company’s Security Engineering & Architecture standards.
  • Work with the CISO and Enterprise Security Directors to define metrics and reporting strategies that effectively communicate successes and progress of our client’s security program.

Qualifications:

  • Bachelor’s degree required, preferably in Computer Science or Information Technology or equivalent experience
  • A minimum of 15 year of IT experience, minimum 8 years of which need to be in an information security role.
  • A minimum of 5 years in a supervisory capacity, preferably in security operations.
  • Experience with Global Security Organizations is desired
  • A CISSP, CISA, CISM or equivalent certification is required

Preferred qualifications:

  • Works ethically and with integrity supporting organizational goals and values
  • Displays commitment to excellence
  • Completes work in a timely manner and meets deadlines
  • Contributes to building a positive team spirit and treats others with respect
  • Maintains confidentiality of information and uses information appropriately
  • Exhibits sound judgment when making decisions and recommendations
  • Fosters collaboration toward a common vision and shared goals
  • Ability to work effectively, independent of assistance or supervision
  • Ability to clearly communicate Information Security matters to executives, auditors, end users, and engineers, using appropriate language, examples, and tone to convey critical information
  • Ability to multi-task and adjust to changing priorities in order to meet customer expectations
  • Attention to detail, and experience working in a large segmented organization
  • Innovative, creative, and extremely responsive, with a strong sense of urgency
  • Strong knowledge of security concepts
  • Strong analytical, technical, and problem-solving skills
  • Strong leadership skills and the ability to work effectively with business managers and IT teams in a collaborative team-oriented environment is essential.
  • Experience with common information security management frameworks, such as International Standards Organization (ISO) 2700x, NIST-800 series and the IT Infrastructure Library (ITIL).
  • Willingness to work outside of regular business hours as required which can include evenings, weekends and holidays.