TCI Technology Consulting Inc
Information Security Manager of Operations
TCI Technology Consulting Inc, Frankfort, Kentucky, United States, 40601
TCI has an immediate need for an Information Security Manager of Operations in Frankfort, KY.

This is not a C2C opportunity. This is a long-term contract opportunity with probable extensions.

Note: This position requires US Citizenship or Permanent Residence.

SUMMARY

The Information Security Manager of Operations will be responsible for overseeing and managing the day-to-day activities related to information security, playing a crucial role in ensuring the confidentiality, integrity, and availability of systems and data. This position requires strong leadership skills, technical expertise, and a deep understanding of information security principles and best practices.

RESPONSIBILITIES

Security Operations Management:
- Lead and manage the security operations team responsible for monitoring, detecting, and responding to security incidents.
- Develop and implement security policies, procedures, and standards to maintain a secure operating environment.
- Conduct regular security assessments, vulnerability scans, and penetration tests to identify and address potential security risks.
- Ensure compliance with relevant regulations, standards, and frameworks (e.g., GDPR, ISO 27001, NIST).

Incident Response and Management:
- Develop and maintain an incident response plan to mitigate security incidents effectively.
- Lead incident response activities, including containment, eradication, and recovery efforts.
- Coordinate with internal teams and external stakeholders to investigate security incidents and implement remediation measures.

Security Monitoring and Threat Intelligence:
- Oversee the implementation and management of security monitoring tools and technologies.
- Monitor security events and alerts to identify potential security threats and vulnerabilities.
- Stay informed about emerging threats and trends in cybersecurity through threat intelligence feeds and industry publications.

Security Awareness and Training:
- Develop and deliver security awareness training programs for employees to promote a culture of security awareness.
- Provide guidance and support to employees on security best practices and procedures.

Risk Management:
- Conduct risk assessments to identify and prioritize security risks to the organization.
- Develop risk mitigation strategies and controls to reduce the likelihood and impact of security incidents.
- Monitor and report on the effectiveness of risk mitigation efforts.

Vendor and Third-Party Risk Management:
- Evaluate the security posture of third-party vendors and service providers.
- Establish security requirements and standards for vendor contracts and agreements.
- Monitor and assess the security practices of vendors and third parties to ensure compliance with established standards.

REQUIREMENTS

- Minimum of 5 years of experience in information security, with at least two years in a management or leadership role.
- Bachelor's degree in Computer Science, Software Engineering, or a related field (equivalent professional experience may be considered for substitution for the required degree on an exception basis).
- One or more of the following certifications is a plus:
  - Certified Information Systems Security Professional (CISSP)
  - Certified Information Security Manager (CISM)
  - Certified Information System Auditor (CISA)
  - Other relevant certifications preferred.
- Understanding of information security regulations, including the Federal Information Security Management Act (FISMA), Federal Risk and Authorization Management Program (FedRAMP), ISO 27001, COBIT, NIST, and ITIL.
- Maintaining security, assessing and evaluating security, and doing security incident forensic work.
- Experience with Government agencies, particularly the Department of Defense (DoD), on information security matters.
- Experience with Government Classified systems and the associated security requirements.
- Proficiency in Microsoft Office Suite (Word, Excel, Outlook, etc.).
- Basic network security knowledge (general principles).
- Excellent documentation and communication skills.
- Ability to organize tasks into milestones and successfully execute to project completion.
- Can work independently with little direct supervision.
- General cyber-security understanding.

Position is on-site in Frankfort, KY with some opportunity for a hybrid work schedule.