Information Security Data Security Manager

Information Security Data Security Manager

Alorica Teleservices Inc
4-10 years
Not Specified

Job Description

Prioritizes, scopes, and manages team(s) responsible for the implementation, execution and monitoring of Information Security
processes and procedures. Provides leadership and guidance in securing information owned or used by the firm. Ensures
integration of the Information Security Program with firm processes. Executes projects and initiatives that identify and manage
information risk. Audits and consults on information risk management practices to various constituents across the firm
internally as well as externally including customers and industry bodies. Mentors and develops subordinates through a
combination of stretch assignments, performance appraisals, duty rotations, and internal/external training.

Essential Duties & Responsibilities
Monitors emerging technologies for adoption by the firm. Identifies gaps in security architecture and framework suitable
for tool automation or enhancement. Identifies functional specifications for tools and proposes solutions to IT leadership.
Defines measures and targets to be used as key performance indicators (KPIs). Identifies normal states, variance tolerance,
and escalation/alarm thresholds. Manages team performance to target and assists with escalation to ensure timely resolution.
Tracks project activities, ensures security deliverables are met on time, Alternate representative to large project. Provides
guidance on security policy, technology risk, and appropriate controls. Escalates variance to senior management for
guidance and resolution.
Responsible for Enterprise Security Architecture. Documents design attributes and target components. Represents
Information Security on Enterprise Architecture team. Ensures Security is incorporated into projects and products during
plan and design phases.
Develops cross-functional strategies to reduce technology and operational risk within the Information Security team and
across the firm. Reviews and approves recommended policy and procedure changes. Serves as subject matter expert on IT
security and business/firm applications, tools, polices, and controls.
Monitors policy and standard review process. Advises Analysts and Engineers on structure, format, and content. Identifies
SME and key stakeholders for baselines and standards. Mentors senior engineers on policy hierarchy and development
Selects vendors in compliance with firm sourcing policies and departmental requirements. Provides input into corporate
sourcing practices. Reviews and negotiates Info Sec vendor contracts. Monitors vendor performance to contract and
resolves issues.
Ensures contract reviews are completed within SLA. Advises Engineers on contract review and commentary. Reviews and
resolves escalated language issues. Represents Information Security in direct negotiations with the customer.
Monitors and reviews audit processes. Develops metrics for tracking resources committed to audit support. Identifies
standard security metrics for external representation. Drives reduction of audits through improved metrics,
communications, and billing for audit time.
Drafts and delivers awareness content for senior managers. Responsible for execution of annual security awareness training.
Reviews and edits internal and external communications for approval by senior management. Seeks content approval
though defined channels. Identifies changes to approval path and implements in conjunction with stakeholders.
Identifies potential vendor risks, defines parameters, advises engineers on process. Works with peer leads across IT to
ensure processes are followed and reviews completed for all vendors as appropriate.
Defines tool requirements, selection criteria, and key performance attributes. Projects capital operating expenses. Reviews
and approves operating procedures.
Develops and maintains incident response and investigation procedures. Ensures staff is properly trained in incident
response. Functions as incident commander for Info Sec during security investigations and incident response. Ensures
incident findings and
Responsible for understanding and complying with all policies, procedures, and regulations relating to job duties.
Perform other duties as assigned by management

Qualifications & Requirements

High School Diploma or GED required
Bachelor's Degree or equivalent work experience in Computer Science, Business Administration or Information
Assurance required
Master's/Advance Degree preferred
Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP),
Certified Information Systems Auditor (CISA), or equivalent certification required
4 years of Information Security experience required.
3-5 years of information Security or Technology management experience
7 years of Information Security experience preferred

Knowledge, Skills, Abilities & Other Characteristics:
Proficient personal computer skills including Microsoft Office.
Experiencing developing security programs and strategies managing compliance with 3 or more of the following
regulatory frameworks: Health Information Portability and Accessibility Act (HIPAA), Federal Information Security
Management Act (FISMA), Sarbanes
Experiencing developing security programs and strategies managing compliance with the following security
frameworks and reporting/assessment methodologies: Payment Card Industry Data Security Standard (PCI DSS), ISO
27002, and Service Organization Control
Experience developing and delivering security programs and strategies incorporating Strong Authentication, Access
control, Network Security and firewall/IDS/IPS, Cryptography, Security policy and control development, forensics &
investigations, informatio
Experience developing and delivering security programs and strategies for securing the following Operating systems
and utilities: UNIX, Linux, Windows, Active Directory, and Group Policies
Excellent written, verbal and interpersonal communication skills.
Ability to multi-task and adapt to change.
Proven track record of meeting or exceeding customer experience and financial objectives
Ability to maintain the highest level of confidentiality.
Strong analytical and presentation skills.
Proven track record in a metric focused environment.
Strong process orientation skills and project management abilities.
Excellent leadership and organizational skills.

Job Details

Alorica Philippines

Similar Jobs

Career Advice to Find Better