The Technical Manager position is within the IT Security group whose mission is to deliver information security solutions and services that protect information assets, computing infrastructure, applications and data. Among other duties, the manager will lead the IT Security Risk management team which performs a number of risk management activities. The Technical Manager will manage a small dedicated team and is expected to be a hands-on manager with overall responsibility for the team’s duties and performance. The team responsibilities include the following:

-Risk Management. The team is responsible for the management and execution of risk management program. The program encompasses the analysis, documentation and tracking of all security risks.

-Security Policies, Standards and Procedures . The team is responsible for the creation and maintenance of security policies, standards and procedures.

-Security Awareness Training. The team is responsible for the planning, design and execution of security awareness program.

The technical manager is expected to bring new insights and capabilities that will drive the progress of the risk management team. The technical manager will work directly with the business units and acquisitions to identify acceptable levels of risk, ensure the establishment of segregation of duties/roles and responsibilities, and effective IT controls are in place in regards to security policies and standards.

We are looking for a strong Technical Manager/Leader that is exceptionally imaginative, collaborative, and truly excited about the client's mission.

Responsibilities

Manage and lead a team of security analysts to meet the needs in the above description

Provide technical leadership and insights to the team with hands-on involvement as needed

Develop and utilize a risk-based approach to identify and mitigate risks across all areas of responsibility.

Manage risk by analyzing security threats and potential impacts to the business and help define solutions to mitigate exposure by leveraging expert analytical and technical skills

Develop and implement plans for effective execution of the risk management team’s responsibilities including risk management, policies and awareness training.

Interface with different stakeholders inside and outside the IT security organization to drive progress and make appropriate technical and process changes.

See to the performance, recognition and professional development needs of the team.

Ensure that IT requirements and security activities are in compliance with applicable international and domestic laws, regulations, Data Transfer Agreements, etc. to minimize or eliminate risk and findings.

Perform project management activities as they relate to the execution and delivery of the risk management team projects and deliverables.

Generate and provide reports and metrics on all risk management activities

Qualifications

Qualifications

In-depth knowledge in information security concepts, technologies and tools.

Solid understanding of information security policies, standards and industry best practices

Deep expertise in risk management activities, including knowledge and application of industry risk management standards and best practices.

Able to successfully plan, organize, motivate, and direct resources to get results

Strong leadership, interpersonal, and communication skills

Proven management skills and ability to work with infrastructure teams, development managers and information security teams to make sure that activities meet expected standards and are provided within the required schedule.

Strong analysis and analytics experience necessary. Strong ability to create influential presentations that are able to convey complex risks and issues to different audiences

Minimum Bachelor’s degree in Information systems or related field or an equivalent combination of education and experience

Subject matter expertise on a broad range of IT control and security industry standards and best practices, such as ISO 27001/2, CSF and NIST standards/frameworks.

Minimum of 5 years of hands-on technology risk, security and/or governance experience

Desired

Prior supervisory experience

Experience in policy creation, distribution, and maintenance at a similar organization

Security awareness training development and delivery.

Experience in Amazon Web Services (AWS) security.