Information security architect
Location
Frankfort, KY | United States
Job description
We are looking for an Information Security Architect - Remote / Telecommute for our client in Frankfort, KY.
Job Title: Information Security Architect - Remote / Telecommute
Job Location: Frankfort, KY
Job Type: Contract
Job Description:
Responsibilities:
- The client seeks highly motivated candidates for the Information Security Manager of Operations position with the client, reporting to the Chief Information Security Officer.
- As the Information Security Manager of Operations, the candidate will be responsible for overseeing and managing the day-to-day activities related to information security within our organization.
- The candidate will play a crucial role in ensuring the confidentiality, integrity, and availability of our systems and data.
- This position requires strong leadership skills, technical expertise, and a deep understanding of information security principles and best practices.
Experience:
Security Operations Management:
- Lead and manage the security operations team responsible for monitoring, detecting, and responding to security incidents.
- Develop and implement security policies, procedures, and standards to maintain a secure operating environment.
- Conduct regular security assessments, vulnerability scans, and penetration tests to identify and address potential security risks.
- Ensure compliance with relevant regulations, standards, and frameworks (e.g., GDPR, ISO 27001, NIST).
Incident Response and Management:
- Develop and maintain an incident response plan to mitigate security incidents effectively.
- Lead incident response activities, including containment, eradication, and recovery efforts.
- Coordinate with internal teams and external stakeholders to investigate security incidents and implement remediation measures.
Security Monitoring and Threat Intelligence:
- Oversee the implementation and management of security monitoring tools and technologies.
- Monitor security events and alerts to identify potential security threats and vulnerabilities.
- Stay informed about emerging threats and trends in cybersecurity through threat intelligence feeds and industry publications.
Security Awareness and Training:
- Develop and deliver security awareness training programs for employees to promote a culture of security awareness.
- Provide guidance and support to employees on security best practices and procedures.
Risk Management:
- Conduct risk assessments to identify and prioritize security risks to the organization.
- Develop risk mitigation strategies and controls to reduce the likelihood and impact of security incidents.
- Monitor and report on the effectiveness of risk mitigation efforts.
Vendor and Third-Party Risk Management:
- Evaluate the security posture of third-party vendors and service providers.
- Establish security requirements and standards for vendor contracts and agreements.
- Monitor and assess the security practices of vendors and third parties to ensure compliance with established standards.
Education and Experience:
- Bachelor's degree in Computer Science, Software Engineering, or a related field (equivalent professional experience may be considered for substitution for the required degree on an exception basis).
- Minimum of 5 years of experience in information security, with at least two years in a management or leadership role.
- Candidates with one or more of the following certifications are a plus.
- Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or other relevant certifications preferred.
- This is a partial listing of the necessary knowledge, skills, and abilities to perform the job successfully. It is not an exhaustive list.
- Ability to set the tone for the organization and motivate management and team.
- Understanding information security regulations, including the Federal Information Security Management Act (FISMA), Federal Risk and Authorization Management Program (FedRAMP), ISO 27001, COBIT, NIST, and ITIL.
- Maintaining security, assessing and evaluating security, and doing security incident forensic work. Knowledge of vendors and their products, including.
- Experience with Government agencies, particularly the Department of Defense (DoD), on information security matters.
- Experience with Government Classified systems and the associated security requirements.
- Updates job knowledge by tracking and understanding emerging security practices and standards, participating in educational opportunities, reading professional publications, maintaining personal networks, and participating in professional organizations.
- Proficiency in Microsoft Office Suite (Word, Excel, Outlook, etc.).
- Innovative and creative mindset.
- Basic network security knowledge (general principles).
- Excellent documentation and communication skills.
- Ability to organize tasks into milestones and successfully execute to project completion.
- Can work independently with little direct supervision.
- General cyber-security understanding.
- Dice Id: 10516350
- Position Id: KY_ISAR_0213