You are here
Cyber Security Manager
- Manager position within Cyber Security group for a Health Insurance firm
- Experience in Incident Response and Vulnerability Management necessary
About Our Client
Our client is large Health Insurance provider
This Manager will be part of a cross-functional security risk team that gathers technical and procedural information, deploys necessary tools to test and validate IT infrastructure, identifies vulnerabilities, analyzes information derived from engagements to determine information security risks and provides remediation assistance.
The responsibilities of this position include but are not limited to the following:
- Assess and investigate client IT security programs and environments via interviews and technical information analyses.
- Understand existing client processes and controls with respect to electronic and non-electronic information security.
- Develop client security programs by reviewing existing programs; conducting comprehensive reviews of threats; evaluating and analyzing relevant data points.
- SOC Strategy Development: Architecting and design of security solutions (SIEM, IDS, etc.) for client environments.
- Engage in Security Architecture reviews, regulatory compliance initiatives and information security program reviews.
- Develop Information Security Plans and Policies, including those for Incident Response, customized to client requirements and risk profile.
- Coordinate with security specialists, incident response handlers, digital forensic experts, network engineers, system engineers and Web application engineers to explore and report on specific security risk issues in depth.
- Provide recommendations on IT solutions to help clients manage information security risk.
- Assess IT network and security architectures as they relate to managing identities and access privileges, delegated administration models, workflow and access control models.
- Document results of security risk analyses and formally present to clients.
- Understand current regulatory environment and related implications to security management compliance.
- Track emerging security practices and contribute to building internal processes.
The Successful Applicant
The ideal candidate would have 7+ years in progressively sophisticated roles in information security engineering and/ or IT technical project management. The position requires a strong, diverse technical background and truly exceptional oral and written communications skills. The candidate must demonstrate proven success in working in a team as well as independently and exhibit follow-through to understand root causes of issues. This position calls for an individual who exhibits thoughtful introspection but is also able to assess a broad spectrum of issues. A collaborative approach is a must, as well as the ability to effectively communicate with a wide range of technical and non-technical personnel. Finally, personal flexibility and the ability to travel globally is required.
- 7+ years of IT security engineering with expertise in either network or application security.
- Experience performing security and risk assessment work.
- Prefer at least 3 years of client facing consulting experience.
- Excellent written and verbal communication skills.
- IT security certifications ( CISM, CISSP, OSCP, OSCE, GIAC) is a plus.
What's on Offer
Competitive Base, Bonus and Benefits