Information Security Manager, NJ

Job Description

Information Security Manager, NJ

 

Seeking – Information Security Manager, NJ – Permanent

 

BridgeView IT is seeking an Information Security Manager,  NJ – Permanent

 

 

This position is part of the Client's Information Security Team.  The position is responsible for the execution and maintenance of and monitoring compliance with Information Security policies and procedures primarily for Client's Corporate functions that are shared among business units (BU).  The position serves as liaison and advisor to IT team members and business partners in the execution of policy, mitigating risk, and achieving compliance.   Participates in the IT SOX 404 program and in the development, deployment and testing of controls.   This position requires broad IT background, expertise in Information Security, control and compliance as well as strong communications skills especially with  staff, audit, business partners and vendors.  Needs to effectively manage processes and projects, with cross-functional teams and deliver according to plan.

 

 

Required Skills:

 

• Minimum 7 years experience in IT with at least 5 years experience in Information Security
• Bachelor degree in Computer Science or related discipline. Information Security and control certifications preferred (CISSP, CISA).
• Must demonstrate broad skills across IT and expertise in Information Security disciplines.
• Must be able to drive processes in a collaborative manner, obtain clear requirements, analyze and articulate risk, identify issues and alternatives and recommend solutions commensurate with risk.
• Requires excellent analytical ability, consultative skills, strong judgment and the ability to work effectively in a cross-functional, multi-disciplinary, team environment.
• Requires strong verbal and written communication skills to effectively communicate across various levels.  Ability to influence others is critical to success.
• Must be well organized with excellent follow up skills to meet deadlines, coordinates work of others while fostering team work and cooperation; able handle multiple concurrent tasks.
• Manages cross-functional projects and processes as required and delivers according to plan. 
• Maintains an awareness of existing and proposed security standards, industry best practices, legislation and regulations pertaining to information security and recommends appropriate changes.
• Technical experience in security aspects of multiple platforms, operating systems, software, communications, LAN/WAN, wireless, VPN and network protocols.  Functional areas and products include  Active Directory, Cisco, XP, Server 2003, IIS, networking, NetIQ, intrusion detection, remote access, authentication, encryption.  Very good knowledge of network administrative services types and architecture (RADIUS, TACACS) and DMZ Network perimeter structure and design 

Overview of responsibilities: 

·         The objective of the Compliance monitoring process is to ensure that systems are in compliance with our security policy and process and those non-compliance conditions are resolved promptly.  This position is responsible for ensuring compliance checks are run regularly by operations (IONIX and potentially others), non-compliance conditions are recorded, facilitating weekly meetings to ensure timely resolution and evaluaint risk of non-compliance, approving short extensions, recommending policy exceptions and escalating when necessary.  This individual is owner of the policy manual, tracks all exceptions and recommends changes to policy.

·         The objective of the Security/Integrity Advisory process is to timely remediate system vulnerabilities.  The position is responsible for obtaining and recording alerts/advisories from vendors, communicating such to operations teams, tracking resolution, ensuring timely completion and when necessary feeding delayed implementation into the Compliance Monitoring process. 

• Participates with management and other members of the Information Security Team in the development of Information Security policy.  Manages the execution and maintenance of the Information Security and control policy, standards, procedures, guidelines and risk mitigation techniques.  Manages the policy exception process.
• As appropriate, participates in the selection, configuration, and maintenance of information security software.
• Creates and manages processes and procedures to evaluate and monitor compliance with Information Security policy for corporate services shared among BU’s across multiple platforms and applications. 
• Performs operating system and application vulnerability assessments.  Analyzes gaps, identifies potential issues and recommends corrective measures to ensure the integrity of the company’s security posture.
• Participates in conducting due diligence reviews of potential vendors, products and outsourced services for Realogy Corporate Services as it relates to Information Security and IT controls.  Assesses risk, documents findings and works with vendors to develop a security plan that timely addresses gaps.
• Participates in the IT SOX 404 program; development of controls and oversee testing of certain IT controls those that support multiple BU’s.
• Member of cross-functional Client's Security Incident Response Team to resolve security incidents.
• Partners with Client's IT teams to design secure infrastructure and applications, and assists in or facilitates the implementation of protective and mitigating controls.
• Identifies process improvements, prevent/anticipate problems and focus on continuous improvement from manual to automated processes. 

BridgeView IT is a technology placement firm assisting a national network of clients identify and hire the highest-caliber IT professionals. Our management and senior recruiting specialists have successfully supported the IT marketplace for over a decade, and we have grown into a world class organization, with operations in major U.S. markets.  BridgeView IT’s mission is to build long-lasting relationships through successful candidate placements, to conduct business with utmost professionalism and courtesy, and to achieve rewarding business performance results. 

 

BridgeView IT is an equal opportunity employer.  To proactively receive new job alerts from BridgeView IT, sign up at www.bridgeviewit.com/jobalerts.aspx.