IT Security Manager

Medford, OR, US

ACA Group

ACA Group unites the industry's top professionals to deliver scalable, expert financial advisory services in governance, risk, and compliance (GRC).


The Opportunity:

In the role of IT Security Manager, you will lead the security team and be responsible for the architecture, design, implementation, and management of our security framework in AWS, Azure, Microsoft 365 and other SaaS platforms. This person is responsible for advancing the automation of our security framework for the cloud software and internal corporate infrastructure of ACA Group (“ACA”). Driving the team to be successful and ensuring all deliverables are met is critical to success.

This person will work closely with Information Risk on the execution and enforcement of our information security programs. Additionally, this person will be the primary contact for our due diligence and audit teams, maintaining a repository of answers and evidence required to meet our obligations to clients and auditors for security certifications. 

 

 

  • Office Locations: NYC (office is near Grand Central), Pittsburgh, Medford, Oregon, Chattanooga, Portland, Maine and Boston
  • Must be able to go into one of these offices 2 days/week (Hybrid)

 

What you’ll do:

  • Lead the development and execution of the security strategy for ACA’s technology systems
  • Manage and mentor staff to ensure they are successful and meet required deliverables
  • Collaborate with Information Risk on the development and compliance of corporate security policies
  • Collect and organize evidence and information about our environment for use in answering client Due Diligence questions as well as other audits such as SOC and ISO 27001
  • Define and develop security monitoring standards
  • Define and implement security policies and controls
  • Develop automation to detect and enforce adherence to defined policies and controls
  • Develop automation to detect configurations that do not align with security best practices
  • Develop security dashboards for varying audiences from engineers to management
  • Manage the IT Security budget and balance the cost of the security tools against provided value
  • Participate in the design and implementation of disaster recovery and business continuity to ensure they operate following security baselines
  • Craft and communicate creative and practical solutions to problems
  • Perform ad-hoc work/special projects as necessary to support ACA on various client and internal initiatives

 

To qualify for the role, you will have:

  • Bachelor’s Degree required – major in Cybersecurity, Information Security Management, Computer Science or Management Information Systems preferred.
  • A minimum of seven (7) years of IT experience, with five (5) years in an information security role and at least two (2) years in a supervisory capacity.
  • Experience performing security risk assessments and compliance audits.

 

Required Skills and Attributes

  • Demonstrated professional integrity
  • Dependable, flexible, and adaptable to new ACA initiatives and changing client needs
  • Ability to work well in a fast-paced, small-team environment
  • Self-starter who works to improve their own effectiveness as well as providing ad-hoc suggestions
  • Executes assigned tasks on time and with high quality
  • Works to first self-resolve when faced with challenges, requiring limited oversight
  • Ability to work independently, multi-task and prioritize effectively
  • Ability to establish and maintain effective working relationships with colleagues and clients
  • Highly motivated and goal oriented; proactive in one’s own education and career progression; volunteers for and shows initiative on both internal and external projects and tasks
  • Dedicated to upholding ACA’s high-quality standards and customer service focus
  • Strong organizational and problem-solving skills with attention to detail
  • Strong oral and written communication skills

 

Preferred Education and Experience

  • 3+ years’ experience in AWS or Azure Cloud Security & Security Automation
  • Familiar with GDPR, SOC, NIST, and ISO 27001 standards and associated audit processes
  • Security Certifications such as AWS Security, SSCP, CISSP, or CISM

 

 What working at ACA offers:

We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business. Our Total Rewards package includes medical and dental coverage and 401(k) plans, and a wide range of paid time off options as well as a flexible work environment. You’ll also be granted time off for designated ACA Paid Holidays, Summer Fridays, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. We also offer unique benefits such as Student Debt Forgiveness and Pet Insurance.

 

About ACA:

ACA Group is the leading governance, risk, and compliance (GRC) advisor in financial services. We empower our clients to reimagine GRC and protect and grow their business. Our innovative approach integrates consulting, managed services, and our ComplianceAlpha® technology platform with the specialized expertise of former regulators and practitioners and our deep understanding of the global regulatory landscape.

 

What we commit to:

ACA is firmly committed to a policy of nondiscrimination, which applies to recruiting, hiring, placement, promotions, training, discipline, terminations, layoffs, transfers, leaves of absence, compensation and all other terms and conditions of employment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

 

 

 

Category: Leadership Jobs

Tags: Audits Automation AWS Azure CISM CISSP Cloud Compliance Computer Science GDPR Governance ISO 27001 Monitoring NIST Risk assessment SaaS Security strategy SOC SSCP Strategy

Perks/benefits: Career development Competitive pay Flex hours Flex vacation Health care Insurance

Region: North America
Country: United States
