Back to Jobs

Information Security Manager

Advantage Tech is searching for an Information Security Manager, to join their client in Lee’s Summit, MO.

This role encompasses a dual responsibility, focusing on cybersecurity analysis for both our client and their sister company. Your duties will span across both companies, requiring a comprehensive understanding of their unique cybersecurity landscapes. By undertaking this dual role, you will have the opportunity to engage with diverse cybersecurity challenges, staying up to date on the latest threats and technologies in the field. Your role will be instrumental in fostering a secure and resilient environment for both companies, aligning with their strategic objectives and commitment to cybersecurity excellence.

DESCRIPTION:
The Info. Security Manager role is responsible for several key areas related to cybersecurity within the organization. These responsibilities include implementing and managing a vulnerability management tool to identify and assess security risks, monitoring company networks for security breaches, conducting thorough investigations in the event of incidents, and recommending corrective actions.

The role also involves promptly remediating vulnerabilities and other security issues, developing and maintaining IT security policies, conducting security audits, generating comprehensive reports on audit findings, and staying informed about the latest IT security trends and implementing cutting-edge technologies. Additionally, the individual is tasked with developing and implementing a security plan, collaborating with IT teams, and providing expertise and support to ensure a secure IT environment.

This role requires extensive familiarity with IT processes and procedures to ensure organizational-wide support. In this role, he/she may have access to Protected Health Information (PHI) and Electronic Protected Health Information (EPHI).

RESPONSIBILITIES:

IDENTIFY
- Identify physical and software assets within the organization to manage cybersecurity risk to establish the basis of an asset management program.
- Identify legal and regulatory requirements regarding the cybersecurity capabilities of the organization.
- Identify risk management strategy including priorities, constraints, risk tolerances, and assumptions used to support risk decisions.

PROTECT
- Stay informed about the latest information technology security trends.
- Implement cutting-edge technologies to protect information and ensure the organization is at the forefront of security practices.
- Develop and implement a security plan outlining best standards and practices for the company to safeguard against potential threats.
- Conduct regular security audits to assess compliance with established security policies.
- Generate comprehensive reports detailing audit findings, vulnerabilities, and remediation efforts.

DETECT
- Monitor company networks to proactively detect and respond to security breaches.
- Implement and manage a comprehensive vulnerability management tool to identify and assess potential security risks within the organization’s systems.

RESPOND
- Conduct thorough investigations in the event of a security incident, analyzing root causes and recommending corrective actions.
- Develop & conduct a response process to be executed during and after an event.
- Mitigation activities are performed to prevent expansion of an event and to resolve the incident.

RECOVER
- Remediate vulnerabilities and other security issues promptly to enhance the overall security posture of the organization.

ESSENTIAL FUNCTIONS:

Monitors and analyzes the inbound network traffic for suspicious activity and potential cyber security incidents.
Stay up to date on industry trends to ensure most comprehensive programs are in place within the organizations.
Ensure hardware & software applications are updated.
Operates at a shift work schedule to ensure 24/7, 365-day coverage.
Review and validate security reports.
Report activity inconsistent with company policy
Use and provide basic update to instruction and knowledge for security systems.
Educate, train and ensure competence of all staff on company security policies.
Educate, train and ensure competence of all IT staff members as it relates to organizational wide systems and overall cybersecurity wellness.
Collaborate with IT teams to assist with various tasks as needed.
Provide expertise and support to ensure a secure IT environment.

REQUIREMENTS:

Bachelor’s degree in computer science, Information Technology, or related field experience.

Certifications such as CISSP, CISM, or equivalent can be considered in lieu of educational requirements.

Proven 2-4 years’ experience in IT security, policy development, and incident response.
Strong understanding of network security concepts and incident response.
Proficiency in writing, updating, and maintaining IT security policies and procedures.
Experience conducting security audits and generating detailed reports.
Familiarity with the latest trends in information technology security.
Ability to develop and implement comprehensive security plans based on industry best practices.
Excellent analytical and problem-solving skills.
Strong communication and documentation skills.
Detail-oriented with the ability to manage multiple tasks concurrently.
Up-to-date knowledge of cybersecurity trends and technologies.

Strong interpersonal skills and ability to effectively communicate with teams across the entire organization.
Demonstrated high level of professionalism and discretion.
Excellent analytical and problem-solving skills.
Ability to adapt to the needs of the organization and employees.
Ability to work effectively in a wide variety of disciplines.
Strong verbal and written communication skills.
Excellent time management skills with a proven ability to meet deadlines.
Superior organizational skills, attention to detail/level of quality, and communication (written and verbal).
Proficient in latest technology for IT systems and management.

Submit Resume