IT Security Manager Job Description

IT security managers oversee their organizations’ network and data security. They work with top executives to plan security policies and promote a culture of information security throughout the organization. They develop programs to keep employees aware of security threats. These managers must keep up to date on IT security measures. They also supervise investigations if there is a security violation.

View IT Security Manager jobs

IT Security Manager Job Description Template

Our company is looking for a IT Security Manager to join our team.

Responsibilities:

  • Manage IT Security Operations budget and resources, and participate in IT planning and project management;
  • Strengthen and formalize security processes both within the security team and with other supporting resources;
  • Oversee and manage security projects including design, implementation and integration of new or upgraded technologies;
  • Manage industry best practice guidance and security hardening guidelines for all OF technologies;
  • Manage the Identity and Access Management (IAM) Program, including access requests and attestation;
  • Working closely with many cross-functional teams to communicate and integrate control requirements (IT, General Counsel, HR, Finance, others, etc.);
  • Managing all internal and external security compliance engagement activities;
  • Managing, documenting, and communicating compliance requirements, timelines, and road map to supporting teams and leadership;
  • Integrating ongoing changes to laws, regulations, and NIST frameworks as required into daily activities;
  • Leads the effort to develop, enhance and implement security training program based on policies;
  • Providing ongoing guidance and consultation to the organization to promote a progressive and sustainable Security Awareness Program;
  • Driving project activities to ensure requirements and schedules are met;
  • Building and managing the programs supporting our existing compliance control activities and initiatives;
  • Communicating the compliance posture and effectiveness to management on a scheduled basis;
  • Developing and working with supporting teams to design and implement an automated control strategy and exception reporting process.

Requirements:

  • Fundamental knowledge of web applications protocols ( and web services frameworks (JAVA, APACHE, .NET);
  • Enterprise firewalls & extensive Splunk experience;
  • Experience with multi-factor authentication, intrusion detection, and managing threat intelligence;
  • Strong decision-making skills and excellent analytical ability;
  • Professional Security Certification (e.g., CISSP, GIAC, CISM) required;
  • Ability to lead and manage technical personnel;
  • Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance and professionalism;
  • Industry knowledge of border testing, security policies, DR procedures & policies, remediation strategies and risk assessment is required;
  • Ability to complete work to given quality standards by agreed-upon deadlines;
  • Knowledge of JIRA is a plus;
  • Ability & desire to learn new product lines and technologies quickly & efficiently;
  • Strong knowledge of IT controls, including security concepts and terminology related to applications, databases, operating systems, and IT operations;
  • Experience with data protection & archiving, disaster recovery, business continuity and implementation;
  • Strong written communication skills, demonstrating the ability to write with purpose, clarity, and accuracy;
  • Base certifications in the security industry. Examples: CCNA, MCITP/MCSE, CCSP, Security+