Senior Manager, Information Security Job Description

Senior Manager, Information Security Job Description Template

Our company is looking for a Senior Manager, Information Security to join our team.

Responsibilities:

  • Passion for technology, information security, and how Quantcast protects and delivers services to its users;
  • Understand the security needs of internal and external stakeholders, regulators, and auditors;
  • Be a champion for Information Security both internally and externally;
  • You will lead the development and oversight of required corrective action plans relating to security risks and compliance requirements;
  • Identify, research, and evaluate new compliance requirements and present them to the team and leadership;
  • Undertake and/or lead regulatory readiness assessments and development of appropriate strategies;
  • You will be responsible for managing all incidents that are reported at Quantcast and the Jira Infosec queue;
  • Evaluating the information security risks of key technology security initiatives within the context of jurisdictional requirements;
  • Addresses legal and regulatory requirements of systems falling within a compliance program and monitors compliance with ISPS requirements;
  • Aligns with metric-based measurement of progress and provides input into executive dashboards regularly;
  • Builds and fosters strong relationships, and collaborates closely with peers and partner groups in Corporate;
  • Manages security compliance assessments and controls testing and oversees remediation of control failures;
  • Gathers artifacts for internal and external compliance assessments;
  • Provides leadership in executing and expanding on the strategy of the Information Security Officer;
  • Knows and evaluates current policies to provide directional analysis and mitigation projects.

Requirements:

  • Understand Risk Management principles and the tools to ensure attention is brought to high-risk areas;
  • Have solid knowledge of ISO 27001, NIST and other information security standards and ideally have some experience implementing these standards;
  • Good communicator who is used to working in a dynamic environment;
  • Solid attention to detail and ability to communicate that detail in summary form;
  • Role certifications required: Certified internal auditor; certified lead implementer (in line with ISMS);
  • Ability to multi-task and meet deadlines;
  • Prefer one of the following certifications: CISSP, CISM, CISA or equivalent;
  • Proven ability to achieve results in a fast-moving, dynamic environment;
  • Proven understanding of information security risk assessment and technology risk management and compliance procedures and methodologies;
  • Demonstrated experience leading work of others;
  • Ability to establish and maintain relationships with individuals at all levels of the organization, in the business community and with vendors;
  • Thorough knowledge of all aspects of information security and compliance including SOX and SSAE 16, ISO 27001/2, and PCI;
  • Solid understanding of application security, cloud security, security operations, incident response and infrastructure security;
  • Skilled in translating technical data into business impact information;
  • Proven analytical and problem-solving abilities.