MyPage is a personalized page based on your interests.The page is customized to help you to find content that matters you the most.


I'm not curious
4

Information Security Manager (San Diego, CA)

Location San Diego, United States
Posted 18-August-2022
Description
Are you looking for more than just a job? Do you want to have a voice and feel a sense of belonging? At ICW Group, we hire innovative people who consistently adapt, grow and deliver. We believe in hard work, a fun work environment, and embracing creativity that only comes about when talented people collaborate to develop solutions. Our mission is to create the best insurance experience possible.

Headquartered in San Diego with regional offices located throughout the United States, ICW Group has been named for seven consecutive years as a Top 50 performing P&C company offering the stability of a large, profitable and growing company combined with a small-company entrepreneurial spirit. Our purpose-driven ethos provides team members with opportunities to contribute, develop, and belong.

The Information Security Manager is responsible to direct a team of Information Security (IS) professionals in the development, implementation, and compliance of both technical security and technical risk management across the enterprise. This position will reinforce the overall security posture of the organization through proactively coordinating security measures to monitor and protect systems as well as deal with the threats. This role exists as an integral member in planning and executing the organizations information security strategy.

This is a HYBRID role based out of SAN DIEGO, CA.

WHAT YOU WILL DO

Manages risks related to information security, physical security, business continuity planning, crisis management, privacy, and compliance.
Assesses risks to mitigate potential consequences of incidents and develops plans to respond to incidents. Analyzes risks to minimize losses or damages, develops safety standards, policies, or procedures. Directs or participates in emergency management and contingency planning. Ensures there are emergency response plans or procedures. Directs organizational operations, projects, or services. Writes or reviews security-related documents, such as incident reports, proposals, and tactical or strategic initiatives. Analyzes and evaluates security operations to identify risks or opportunities for improvement through auditing, review, and/or assessment. Conducts threat or vulnerability analyses to determine probable frequency, criticality, consequence, or severity of natural or man-made disasters or criminal activity on the organizations profitability or delivery of products or services. Ensure that the organizations data and infrastructure are protected by enabling the appropriate security controls. Manages resource availability to continuously support the business through sustained operations. Identifies areas for improvement, develops improvement program and monitors the implementation to increase process efficiency.
Ensures all staff members are trained on enterprise and industry-regulated security requirements through awareness programs.
Enhances the information security awareness program. Develops and recommends information security policies and procedures. Leads security training and communicates policies. Leads by promoting a culture of collaboration, continuous improvement, quality and accountability. Develops evaluation framework to assess the strengths of the team and to identify areas for improvement.
Develops and leads a team of Information Security professionals.
Provides daily direction to IS team. Communicates Mission, Values, and other organization operating principles to direct and indirect reports. Oversees the performance management and development process for the assigned IS team members and performs performance management duties, development planning and coaching for direct reports. Manages assigned IS budget, technology and other resources, workload, and customer requests for IS services. Ensures adherence to all Company policies and procedures and Compliance responsibilities. Ensures data quality, adherence to IT security guidelines, profitability and other risk-related metrics for self and members of the team.
SUPERVISORY RESPONSIBILITIES
Directly supervises employees within the IS team and carries out supervisory responsibilities in accordance with company policies and applicable laws. these responsibilities include interviewing, hiring, and training employees; planning, assigning, and directing work; conducting performance and salary reviews; rewarding and disciplining employees; addressing complaints and resolving problems; coaching, mentoring, and developing team members to further their skills and knowledge; creating and monitoring development plans; setting performance expectations/goals; forecasting staffing needs and planning for peak times and absences; enforcing department policies and procedures.
WHAT YOU BRING TO THE ROLE
Bachelors Degree in Computer Science, IT, or similar field required. Minimum 5 years of experience in managing and leading IT Security teams. Minimum 10 years of related IT and information security experience required. Minimum 3-5 years of experience in AWS Cloud Security services preferred. Equivalent combination of education and experience may be considered.
CERTIFICATES, LICENSES, REGISTRATIONS
Professional certifications in Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), Certified Ethical Hacker (CEH), GIAC Penetration Tester (GPEN), and/or Security + preferred. AWS Certified Security-Specialty certification preferred.
KNOWLEDGE AND SKILLS
Experience with AWS Services such as AWS Identity & Access Management, AWS Organizations, AWS Security HuB, Guard Duty, CloudTrail, AWS CloudTrail. Experience in cyber security with working knowledge of data analysis, risk assessment and mitigation, investigation methods, incident management concepts and practices, with background in intrusion detection and forensic analysis. Possess technical ability to use and manage Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls & Log Analysis, SIEM, Network Behavior Analysis tools, Antivirus, Network Packet Analyzers, Malware analysis and forensics tools. Knowledgeable in networking and proven experience in Windows and Linux environments, including Group Policy and Active Directory. Demonstrable track record for taking initiative and getting things done under minimal supervision. Knowledge of national regulatory compliances and frameworks such as ISO, SOX, HIPAA, and PCI. Advanced in policy formulation, information security management, and business risk management. Competent in IT risk assessment and management, IT continuity management, IT governance formulation, and organizational change management. Working knowledge of IT financial management and IT audit. Strong experience and detailed technical knowledge in security engineering, system and network security, authentication, and encryption protocols. Detail oriented, strong analytic and problem-solving skills. Strong organizational skills with the ability to juggle multiple projects/tasks at once. Effective verbal/written communication and presentation skills, including an ability to communicate effectively with a diverse array of stakeholders.
COMPETENCIES

This position maps to the Manager level competencies. Additional competencies required: Leadership, Relationship Building, and Problem Solving.

#LI-JD1

#dice

 
Awards & Accolades for MyTechLogy
Winner of
REDHERRING
Top 100 Asia
Finalist at SiTF Awards 2014 under the category Best Social & Community Product
Finalist at HR Vendor of the Year 2015 Awards under the category Best Learning Management System
Finalist at HR Vendor of the Year 2015 Awards under the category Best Talent Management Software
Hidden Image Url