Manager, IT Security

Overview

You don't have to be an employee long before you understand the SSOE difference. It goes back to our history of reinventing ourselves for new markets, serious rates of growth year after year, and being ahead of the curve in technology. Those are the achievements of a company that rewards talent and effort in ways that mean the most to the individual.

When you work at SSOE, you work with the best and you're a part of something bigger than yourself. And providing the best possible workplace for our employees gives us a competitive advantage - helping us attract and retain top talent and drive better business results.

The Information Technology Security Manager is responsible for setting and implementing SSOE’s Information Technology Security strategic direction and ensuring the organization's resilience against cyber threats. The manager and the Information Technology Security team will develop and implement security policies/procedures, work closely with SSOE’s technology and business leaders to ensure compliance and play a key role in incident response and risk management. This role is also pivotal in aligning SSOE’s security initiatives with the corporate goals and strategic roadmap, ensuring that all security measures are integrated seamlessly with the business operations and contribute to the overall corporate mission.

Responsibilities

The following duties are typical of the position, but are not all encompassing. Responsibilities include those required to deliver quality service on schedule and within budget in a team environment.

• Develop and implement a Security Strategic Plan and Roadmap that aligns with SSOE's corporate goals and strategic direction.
• Create and manage security budget and staffing plans.
• Develop, implement, and maintain information security policies, procedures, and standards.
• Lead the Information Technology Security team in identifying, assessing, and mitigating security risks.
• Oversee the implementation of security controls and technologies to protect the organization's information assets.
• Oversee external and internal security assessments, audits, and vulnerability scans to identify and address security weaknesses.
• Manage incident response activities, including investigation, containment, and remediation of security incidents.
• Collaborate with IT, legal, compliance, and other departments to ensure alignment with security policies and regulatory requirements.
• Work closely with business leaders to integrate security practices within the business processes and facilitate secure business operations.
• Provide security awareness training and education to employees to promote a culture of security.
• Monitor and analyze security threats and trends to proactively address potential risks.
• Prepare and present regular reports on the information technology security program status to SSOE Board and senior management.
• Stay current with emerging security technologies, threats, and best practices including emerging threats (e.g., Artificial Intelligence, Phishing, Ransomware, Encryption Technologies).

Qualifications

• Bachelor's degree in Information Security, Computer Science, or a related field.
• Minimum of 5 years of experience in information technology security, with at least 2 years in a leadership role, and 10-15 years of experience working with Microsoft technologies.