Manager of IT Security
- Full-time
Company Description
Sonoma Consulting provides the highest quality service and support to our clients and consultants. Our clients range from start-ups to Fortune 500 companies.
Job Description
Responsibilities:
• Provide leadership to define and implement a risk based strategy and program to manage our digital and information assets and then continuously review and set/update policies to support the program.
• Lead the organization in identifying, developing, implementing and maintaining business and technology processes and systems across the organization to reduce information and information technology risks.
• Establish appropriate standards and policies, indirectly manage security technologies and direct the establishment and implementation of policies and procedures for recurring and urgent investigations, breaches, and assessments.
• Participate in key Operations and Systems operating routines to implement and drive information security risk strategy and business processes.
• Work with Client’s Infrastructure team to ensure our applications are developed, enhanced and maintained according to the security-based best practices and associated security guidelines.
• Collaborate with Infrastructure, Internal IT, and marketing colleagues to help define and ensure Client -wide consistency of security protocols and risk management.
• Work with business colleagues to review RFPs, RFIs etc., and provide security and risk-related input into proposals.
• Monitor information security trends internal and keep leadership informed about information security-related issues and activities potentially affecting the organization.
• Provide leadership to define and implement a risk based strategy and program to manage our digital and information assets and then continuously review and set/update policies to support the program.
• Lead the organization in identifying, developing, implementing and maintaining business and technology processes and systems across the organization to reduce information and information technology risks.
• Establish appropriate standards and policies, indirectly manage security technologies and direct the establishment and implementation of policies and procedures for recurring and urgent investigations, breaches, and assessments.
• Participate in key Operations and Systems operating routines to implement and drive information security risk strategy and business processes.
• Work with Client’s Infrastructure team to ensure our applications are developed, enhanced and maintained according to the security-based best practices and associated security guidelines.
• Collaborate with Infrastructure, Internal IT, and marketing colleagues to help define and ensure Client -wide consistency of security protocols and risk management.
• Work with business colleagues to review RFPs, RFIs etc., and provide security and risk-related input into proposals.
• Monitor information security trends internal and keep leadership informed about information security-related issues and activities potentially affecting the organization.
Qualifications
Requirements:
• More than 10 years of experience in IT with at least 3 years in a security leadership role in a global organization.
• Application Life Cycle management and application development experience in the context of a security framework.
• Strong subject matter experience in infrastructure & application security, vulnerability testing and development of a risk appetite.
• Risk management experience with proven ability to effectively apply risk principles to challenging business situations.
• Superior business acumen, strategic planning skills and experience with an emphasis on visionary innovation and automation.
• Demonstrated organizational skills with the ability to identify priorities, drive performance, and execute plans on schedule.
• Excellent written and verbal communication skills, as well as effective presentation and persuasion capabilities, and management presence that elicits confidence and credibility.
• Resourceful, flexible, and open to new ways of thinking, with the ability to drive change.
• BS Degree in related field or equivalent experience
• Security certifications strongly desired
• Ability to work nonstandard hours including nights, weekends and holidays
• Domestic as well as International travel will be required
• More than 10 years of experience in IT with at least 3 years in a security leadership role in a global organization.
• Application Life Cycle management and application development experience in the context of a security framework.
• Strong subject matter experience in infrastructure & application security, vulnerability testing and development of a risk appetite.
• Risk management experience with proven ability to effectively apply risk principles to challenging business situations.
• Superior business acumen, strategic planning skills and experience with an emphasis on visionary innovation and automation.
• Demonstrated organizational skills with the ability to identify priorities, drive performance, and execute plans on schedule.
• Excellent written and verbal communication skills, as well as effective presentation and persuasion capabilities, and management presence that elicits confidence and credibility.
• Resourceful, flexible, and open to new ways of thinking, with the ability to drive change.
• BS Degree in related field or equivalent experience
• Security certifications strongly desired
• Ability to work nonstandard hours including nights, weekends and holidays
• Domestic as well as International travel will be required
Additional Information
TItle:Security Manager / Director
keyworkds: Security