Job Description:
The end client is unable to sponsor or transfer visas for this position; all parties authorized to work in the US without sponsorship are encouraged to apply.
A Software Company is seeking a Security Manager (CISSP) in Tampa, FL.
Role Description The Manager, Information Security will take the lead on ensuring our company maintains its regulatory cybersecurity certifications (ISO 270001, HITRUST 9.3, etc.) and SOC 2 Type II Attestation. We are looking for an experienced, motivated, self-starter and people leader who will make these programs successful and can execute and deliver with minimal oversight
• Define, implement, and operationalize the security risk management program • Design and implement KRI (key risk indicator) and KPI (key performance indicator) and communicate these to stakeholders • Measure and monitor the maturity level of established security programs and existing controls, including conducting periodic assessments to identify gaps and opportunities for improvement • Champion the company's commitment to security • Develop strategies to handle security incidents • Perform internal risk assessments and manage the risk register • Lead the Business Continuity Program • Monitor intrusion detection and prevention initiatives • Serve as a subject matter expert regarding information security regulatory requirements common vendor related risks (both technical and workflow based) associated information security policies and procedures • Monitor security vulnerabilities and threats and address them • Documents business processes, process narratives and flowcharts for identifying risks and mitigating controls. Oversee mitigation of identified gaps for required certifications (ISO 270001, HIPAA, HITRUST, etc.), Attestations (i.e., SOC 2 Type 2) and frameworks (NIST 800-53, including but not limited to documentation and controls) to completion • Maintain a vendor risk management program and review third party vendor contracts to ensure appropriate security and compliance controls are in place and functioning effectively • Evaluate requests for exception to established security policies, guidelines, and standards, documenting all approved exceptions and review on a recurring basis for continued necessity • Develop targeted phishing/security training campaigns as well as other training and awareness programs for all audiences (technical and non-technical) • Maintain a thorough understanding of the latest security principles, techniques, threats, technologies, and protocols • Demonstrate leadership in day-to-day responsibilities and provide coaching, leadership and mentoring to direct reports • Carry out additional responsibilities as determined and assigned based on business need
Skills & Requirements • 6 years of experience in the field of information security • 2 years of experience as a first line manager working in Cyber Security specifically • At least one certification (CEH,CISM,CISSP,CISA)- Preferred CISSP • Experience working in a SaaS organization
Why Hays?
You will be working with a professional recruiter who has intimate knowledge of the Information Technology industry and market trends . Your Hays recruiter will lead you through a thorough screening process in order to understand your skills, experience, needs, and drivers. You will also get support on resume writing, interview tips, and career planning, so when there's a position you really want, you're fully prepared to get it.
Nervous about an upcoming interview? Unsure how to write a new resume?
Visit the Hays Career Advice section to learn top tips to help you stand out from the crowd when job hunting.
Hays is an Equal Opportunity Employer.
Drug testing may be required; please contact a recruiter for more information. #1116251
