LINCOLN, AR Arkansas Employer

LEARN MORE / APPLY

This job was posted by https://www.arjoblink.arkansas.gov : For more

information, please see: https://www.arjoblink.arkansas.gov/jobs/4413530

The Information Security Manager (ISM) is a critical member of the Chief

Information Security Officer’s (CISO) team, acting as an interface
between the CISO’s strategic and process-based activities and the work
of the technology-focused analysts, engineers, and administrators within
the IT organization. The ISM translates the IT risk requirements and
business constraints into technical control requirements and
specifications while developing metrics for ongoing performance
measurement and reporting. Furthermore, the ISM coordinates the IT
organization’s technical activities to implement and manage security
infrastructure and provides regular status and service-level reports to
management. Performing in a leadership capacity, the ISM utilizes a
strong technical background and abilities to work closely with the rest
of the IT organization and business management roles in aligning
priorities and plans with key business objectives. While acting as an
empowered representative of the CISO during IT planning initiatives, the
ISM ensures that security measures are incorporated into strategic IT
plans and that service expectations are clearly defined. Additionally,
the ISM works with business and IT stakeholders to balance real-world
risks with business drivers such as speed, agility, flexibility, and
performance.

ESSENTIAL DUTIES AND RESPONSIBILITIES include the following. Other

duties may be assigned.

Works with the Information Security organization to develop a security

program and security projects that address identified risks and business
security requirements.

Manages the process of gathering, analyzing, and assessing the current

and future threat landscape, as well as provides the Information
Security organization with a realistic overview of risks and threats in
the enterprise environment.

Works with the Information Security organization to develop budget

projections based on short- and long-term goals and objectives.

Provides security communication, awareness, and training for audiences,

which may range from senior leaders to field staff.

Consults with IT and Information Security organizations to ensure that

security is factored into the evaluation, selection, installation and
configuration of hardware, applications, and software.

Recommends and coordinates the implementation of technical controls to

support and enforce defined security policies.

Researches, evaluates, designs, tests, and recommends or plans the

implementation of new or updated information security hardware or
software, and analyzes impact on the existing environment; provides
technical and managerial expertise for the administration of security
tools.

Works with the enterprise architecture team to ensure that there is a

convergence of business, technical, and security requirements; liaises
with IT management to align existing technical installed base and skills
with future architectural requirements.

Develops and implements controls and configurations that are aligned

with security policies and legal, regulatory and audit requirements.

Coordinates, measures, and reports on the implementation and

effectiveness of security controls in the environment.

Manages security projects and provides expert guidance on security

matters for other IT projects.

Assists and guides the Disaster Recovery Planning team in the selection

of recovery strategies and the development, testing, and maintenance of
disaster recovery plans.

Monitors and reports on compliance with security policies, as well as

the enforcement of policies within the organization.

Works with the Information Security organization, IT, and business

stakeholders to define metrics and reporting strategies that effectively
communicate successes and progress of the securityprogram.

Provides support and guidance for legal and regulatory compliance

efforts, including audit support.

Assists resource owners and IT staff in understanding and responding to

security audit failures discovered in the environment.

Acts as an active participant in the Cyber Security Incident Response

Team (CSIRT).

Acts as a liaison between industry peers, government agencies (including

law enforcement), and other specialists.

Coordinates with the fusion center to identify and assess IT security

incidents.

Assists in the development and delivery of incident preparedness

exercises both at the fusion center level as well as the crisis
management team.

Ensures execution of the incident response process to the resolution of

the incident.

Actively monitors and researches cyber threats that could have a direct

or indirect impact on the Arvest brand, ownership, business operations,
technology infrastructure, and customer trust.

Utilizes commercial intelligence providers to gain insight into existing

activities in the hacker and fraudster communities, as well as planned
activities and emerging motivations.

Advises the Information Security organization of significant emerging

threats and recommends tactical steps to counteract such threats.

Develops

S:SKINTIAGP2

LEARN MORE / APPLY

Arkansas Employer

Job Hiring / LINCOLN, AR / Information Security Manager / Arkansas Employer >> APPLY/LEARN MORE >> https://de.jobsyn.org/2160f38fae414ba89e303d603666d6d98003 >> #job #jobs #hiring #BGJobs   

+++++++++++++++
? Looking for more jobs like this? Find more at CareerOneStop, sponsored by the U.S. Department of Labor Employment and Training Administration.
+++++++++++++++

US Work-eligible

LINCOLN, AR