IT Security Risk Manager in Memphis, TN at Vaco

Date Posted: 2/4/2020

Job Description

IT Security Risk Manager

Job Purpose

  • You will serve as an individual contributor working closely with a wide range of internal and external stakeholders at all levels
  • Establish and/or maintain an information security governance framework aligned with organizational goals and objectives
  • Lead, develop and maintain an information security program that identifies, manages and protects the organization's assets
  • Plan, establish and manage the capability to detect, investigate, respond to and recover from information security incidents to minimize business impact

Key Responsibilities and Duties

  • Manage information security risks to business critical assets and procedures
  • Lead Security Awareness Training program across the organization
  • Facilitate 3rd Party Risk Assessments and Penetration Tests
  • Create, implement, and enforce security policies and best practices as required, ensuring information is appropriately secured
  • Consult with business/project teams to clearly explain existing policies, procedures, and risks as they relate to their efforts
  • Document mitigation strategies and direct appropriate technical teams to implement as required
  • Manage MSSP (SIEM, EDR, IPS, Firewalls)
  • Develop, track and communicate KPIs and KRIs related to Information Security
  • Assist with DR and BC planning and testing
  • Maintain HIPAA, PCI, GDPR, and CCPA compliance
  • Some travel required

Experience and Educational Qualifications

  • 5 years of experience in Information Security or related field
  • Bachelor's degree required, Master's preferred
  • CISM, CISA, or CISSP certifications preferred
  • NIST Cybersecurity Framework and CIS 20 Controls
  • HIPAA, PCI, GDPR, and CCPA regulations