Robert Half
Robert Half is hiring: Information Security Manager in Los Alamitos
Robert Half, Los Alamitos, CA, US
Job Description
We are seeking an Information Security Manager to join our team in the Financial Services industry based in Cerritos, California. In this role, you will be tasked with managing our company's information security program to ensure the confidentiality, integrity, and availability of our data assets. You will also be responsible for leading and managing the information security department, providing guidance, training, and support, and fostering collaboration with other internal departments.
Responsibilities:
• Oversee the establishment and management of security policies and standards across the organization to secure corporate data against unauthorized use, access, modification, disclosure, and destruction.
• Conduct regular assessments of the security posture of the organization, including the evaluation of existing and proposed applications for vulnerability and risk.
• Manage the annual IT audit work, including the development of the annual plan, conducting audit fieldwork, and writing issue reports.
• Collaborate with IT management to review and work with appropriate personnel to perform annual tests of Business Continuity Plan/Disaster Recovery and Incident Response Plans.
• Monitor network for security violations and respond to incidents of intrusion and penetration promptly.
• Assist in coordinating and managing the integration of information security objectives with organizational projects and goals.
• Educate staff on information security relating to vulnerabilities, viruses, fraud scams, and tools available for personal as well as system/network protection.
• Oversee compliance with information security internal policies and procedures, and regulatory requirements.
• Manage the creation and collection of documentation from IT and business departments in preparation for external audit annual exams.
• Conduct and manage data security forensic analysis and risk assessment to evaluate the entire infrastructure for breach vulnerability.
• Identify regulatory changes that will affect data and application security policy, standards, and procedures, and recommend appropriate technical changes to maintain designated security protection levels.
• Monitor changes in the security industry including new vulnerabilities, viruses, intrusions, fraud schemes, and best practices and tools available for system/network protection.
Requirements:
• Must have a minimum of 5 years of experience in the field of Information Security Management.
• Must possess strong skills in Access Control, Cisco Technologies, and Firewall Technologies.
• Should have knowledge and experience with IDS, IPS, and Active Directory.
• Auditing and Authentication experience is required.
• Must have an understanding of Computer Hardware and Configuration Management.
• Knowledge in Network Configuration, Network Security, and Network Switches is necessary.
• Experience with Firewall, Firewall security, and Penetration Testing is a must.
• Should be proficient in Security frameworks, CISSP, and Disaster Recovery.
• Familiarity with Security Compliance, Cybersecurity compliance, and Security Configuration is essential.
• Must have experience in Security Control, Security Vulnerability, and Vulnerability Analysis.
• Experience in Vulnerability Assessment and Vulnerability Remediation is required.
• Should have knowledge in Network Vulnerability and Security Risk Assessments.
• Experience in Network Intrusion and NCUA is essential.
• Must be proficient in conducting Security Audits.
• Should have a detail-oriented demeanor with excellent communication and interpersonal skills.
• Must have a proactive approach to problem-solving and the ability to work under pressure.
• Must be flexible with work hours and willing to put in extra hours when necessary.
• Bachelor's degree in Computer Science, IT, or a related field is required.
• Certifications in CISSP, CISM, or other related certifications are highly desirable.