Cyber Security Manager Location:Bethlehem, PA, Full time or C2H

Cybersecurity Manager is responsible for the enterprise-wide information security policy, information security strategy, information security architecture, information security operations, and information security risk management.

Oversees and coordinates security initiatives working with executive, business and functional leaders and staff including human resources, audit and compliance, corporate and financial investigations, legal, physical security, systems operations and systems development.

This role will provide vision and leadership necessary to manage risk to the organization to ensure business alignment, effective governance, operational efficiency and performance monitoring and measurement.

will make recommendations for executive level actions through both informal and formal means, including but not limited to executive level metrics, dashboards, risk analysis and mitigation, acceptance and reporting.

will implement programs and processes to comply with national, local, and global information security and privacy regulations.

will lead IT Risk Assessments to identify key corporate security vulnerabilities that affect the confidentiality, integrity and availability of company confidential data and provides support to systems owners to address and implement solutions to identified security and risk issues.

will support security and privacy audits and develops a mitigation strategy for the issues discovered.

Finally, the position will prioritize the protection of valuable information and maintain the confidentiality and integrity of company and customer data through implementation of various security programs and technology platforms.

ResponsibilitiesPosition Details:

  • Keeps abreast of industry trends and current emerging risks
  • Develop and maintain Cyber Security Client specific program in accordance with leading standards i.e NIST, CSF and ISO.
  • Lead assessments of current security technology and authentication systems and evaluate against Federal and State Information Protection and Privacy regulations, Information Security Policies, and other relevant regulations pertaining to the protection of Enterprise Information assets with respect to information security.
  • Develop and advance information security policies, standards and procedures in conjunction with the application and technology teams responsible for the day to day systems configuration and operation.
  • Lead the assessment and review of new and existing technology infrastructure to identify key risk areas, and ensure adequate levels of control are in place to address those risks and develop risk mitigation techniques and processes to ensure that all reviews as actionable by system manager and the operations staff.
  • Lead the consultative process and advise personnel in IT departments to coordinate information security activities.
  • Support Information Security Officer in Information Security activities as needed.
  • Develop and lead activities supporting the IT Risk Management process such as data classification and security controls maintenance.
  • Lead Collaborative programs with personnel in IT and all business units to ensure that electronic data security is consistently implemented throughout the Enterprise.
  • Update skills as necessary to support Information Security and remain knowledgeable of industry standards and advancements.
  • Assist with the design and administration of Cyber Security Awareness Training, including reporting.â?¢ Assist with the coordination and remediation of found vulnerabilities.
  • Develop presentations and other materials to communicate Cyber Security initiatives to all staff, senior management.OE/Lean
  • Actively participate in the implementation of sustainable improvement processes, such as 5S, Kaizen, Daily Management Control, Standard Work and Problem Solving.
QualificationsExperience:
  • Should have clear understanding of all domains on information security and as per ISO27001 guidelines (globally accepted framework) and have relevant experience in auditing information systems from a technology and physical security perspective.
  • Should have detailed understanding on below technologies - Network Devices (Fortinet Firewall - Hands-on [Mandatory])â?¢ Anti-Malware solutions (McAfee preferred)â?¢ Intrusion Prevention Systemsâ?¢ Web Content filtering solutions (Umbrella preferred)â?¢ DLP Technologies - Host, Email, Webâ?¢ Web Application Firewallsâ?¢ SIEM (Security Information and Event Management) Solution (IBM QRadar preferred)Certifications (Desirable)â?¢ CISA (Certified Information Security Auditor) ORâ?¢ CISM (Certified Information Security Manager) ORâ?¢ Certified Information Systems Security Professional (CISSP)â?¢ CompTIA Security+Knowledge of Cyber Security Framework for e.g. NIST, CSF would be desirable. Minimum of 7+ years of experience in information services with 5 years of demonstrable and progressive experience operating within Information Security domains. Require in-depth understanding of Information Security practices for network, servers, databases, applications, and advanced use of Information Security assessment techniques.

Education:Bachelor\'s Degree is required.

  • Concentration in computer science with emphasis on IT security preferred.Knowledge,
Skills & Abilities:

  • Incumbent must have a well-developed business understanding, working knowledge of customer requirements and demonstrate a balance between analytical and creative thinking.
  • Incumbent must also be a self-starter who seeks responsibility and is able to work with minimal direction.
  • Incumbent must have demonstrated a willingness to challenge conventional ideas, be flexible, innovative, and be able to function effectively in a team environment and possess superior analytical and problem-solving skills. Incumbent must be proficient in personal computers and related databases.

  • Computer skills required include knowledge of spreadsheets, database and word processing software on PC based systems. Incumbent must possess excellent organizational and communication skills. Incumbent must possess strong interpersonal skills and have the ability to communicate.
  • Ability to instruct/transfer job information/knowledge to others is preferred.The employee is expected to be self-directed, take initiative and be persistent when appropriate to accomplish necessary duties and keep busy without prompting.
  • Additionally, the employee is expected to be adaptable/flexible to changing work assignments, have a high level of integrity, dependability, and self-control to maintain composure, perform multiple tasks at once, learn and memorize procedures, manage time effectively and efficiently, meet established deadlines, display a cooperative demeanor, read, understand, and follow all company, job specific and safety policies/procedures, and attend/use all required training.

Key Skills:

  • Cyber Security Manager
Scroll