Group Manager of Cyber Security
il y a 12 jours
Atlanta
Job Description Role Profile Reporting to the Group VP, Cyber Security, the Group Cyber Security Manager is responsible for establishing and maintaining a company-wide information security and risk management program to ensure that information assets are adequately protected. This position is responsible for identifying, evaluating, and reporting on information security risks in a manner that meets compliance and regulatory requirements, aligns with, and supports the risk posture of the company and its clients/customers. This role directs the adoption and implementation of security and privacy policies, security technology, and information risk procedures across all locations. Position Responsibilities: • Responsible for day-to-day IT Security operational activities and responding to information security incidents., • Lead and manage a talented team of information systems security professionals by establishing strategic objectives, providing mentorship, and conducting performance evaluations to enhance team effectiveness., • Manage cybersecurity projects, including cost and scope, schedule and risk, for assigned projects, ensuring every project is delivered with quality and on time., • Oversee the execution of security audits and assessments by coordinating team efforts to evaluate the effectiveness of information systems security measures and identify areas for improvement., • Coordinates cross-discipline IT teams to design, implement, test, and operate critical security-related systems, furthering global information security strategies., • Oversee and continuously improve the IT risk assessment and management, IT continuity management, IT governance formulation, and organizational change management., • Oversee and lead IT audit management, including company client audits of internal policies and procedures., • Develop strategies to address information security awareness and training for all stakeholders., • Lead and manage the Cyber Incident Response Plan, develop and maintain incident response playbooks, and conduct regular tabletop exercises., • Defines and executes the strategic vision, understanding the trade-offs required to manage the different levels of risk tolerance and risk exposure across the organization, and balances these with risk investments., • Analyse, select, recommend, and coordinate the installation of information security technology with all relevant stakeholders., • Develops and implements tests of computer systems to monitor effectiveness of security through penetration and vulnerability assessments., • Conduct and coordinate software reviews and assessments. Skills and Competencies • The ability to motivate and engage a team of Information Security staff in supporting the organization's goals and lead the process of continuous improvement of our company's cyber security program., • Foster and build a collaborative working relationship with various stakeholders, • Adaptable in global and complex environments, with good influencing skills., • People management and interpersonal skills – ability to interact at all levels., • Experience in policy formulation, information security management, and business risk management., • Lead functional teams of senior technology employees to achieve objectives., • Experience in dealing with senior executives and constructively challenging ideas and products to achieve desired results., • Possess good organizational, prioritization, and workflow management skills., • Proven track record of consistently meeting published uptime and service-level objectives., • Balance of leadership skills and hands-on technical skills. Personal Qualities • Multi-tasking: Ability to handle multiple tasks simultaneously and prioritize effectively., • Accuracy: The ability to ensure that information, facts, and figures are accurate and free from errors., • Sense of Urgency: Ability to respond as needed within the appropriate timeframe., • Problem Solving: An analytical thinker with the ability to solve problems and seek support when needed., • Organization: Ability to organize tasks and information effectively., • Team Player: Ability to work both within and across teams to ensure work is completed with appropriate input from others., • Decision Making: Ability to make decisions on work issues that impact the successful completion of tasks., • Focus: Ability to work calmly & effectively under pressure to tight deadlines., • Delivery: Delivery-focused with a commitment to getting the job done., • Extra Mile: Going above and beyond to exceed customer expectations. Qualifications • 6+ years of overall professional technical experience in information security., • Minimum of 3-5 years of experience in managing information security personnel, • Professional security management certification is desirable, such as Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), or other similar credentials., • Knowledge and understanding of relevant legal and regulatory requirements, such as GDPR, HIPAA, ISO/IEC 27001, SOC, and NIST security principles, • Bachelor's degree in related field preferred Working Conditions • This position will primarily be involved in an office environment., • This position supports a 24/7 cybersecurity and IT operation and requires working weekends, evening/night shifts, and occasional holidays., • Occasional domestic and international travel is required.