Security Manager

SM Investments
5-8 years
Not Specified

Job Description



General Duties

1. The IT Security Manager is responsible for designing, directing, and delivering on IT security-related activities in an organization.

2. The IT Security Manager covers nearly all aspects of a business. He works closely with other managers, project leaders, general employees, and top executives to understand how IT security can support and protect business goals. The IT Security Manager ensures that business processes remain secure, without disruptions or compromising events. When issues or security incidents occur, the IT Security Manager must quickly remediate the problem and communicate with the company's leadership to prepare for any business repercussions.

3. The IT Security Manager must serve as a bridge between the employee (often the end-user of security processes) and the technical aspects of IT security. The IT Security Manager must be an expert in designing secure networks and in understanding how components, such as antivirus software and endpoint security solutions, work together to create a secure network. Using his/her technical expertise and analytical skills, the IT Security Manager collaborates with internal operations and third-party vendors to ensure that any new hardware or software installation on the organization's network meets business and security standards.

4. The IT Security Manager should lead aspects of IT security, such as leading a computer security incident response team or testing for network vulnerabilities with penetration testing teams. The IT Security Manager is also responsible for multiple aspects of security. He/she often manages other IT security professionals who execute security programs and support daily business operations. He/she leads collaboratively, working with his/her teams to develop strong security systems.

Detailed Duties

ROLES AND RESPONSIBILITIES

1. Research the latest information security technology trends.
2. Monitor the organization's networks for security breaches and investigate violations when they occur.
3. Help to design, implement, and maintain the organization's cyber-security plan.
4. Develop and direct the implementation of security standards and best practices for the organization.
5. Direct the installation and use of security tools (e.g., firewalls, data encryption) to protect sensitive information.
6. Recommend security enhancements to IT Management.
7. Help computer technicians and end users when they need to install or learn about new security products and/or procedures.
8. Ensure that IT security audits are conducted periodically or as needed (e.g., when a security breach occurs).
9. Ensure that the risk to the organization's information posed by a variety of cyber threats (cyber-attacks, theft or corruption from within, etc.) is minimized.
10. Ensure that when cyber-attacks occur or data are stolen or compromised, these incidents are dealt with promptly and effectively and the chance of that particular type of incident recurring is minimized.
11. Assessing the risks to computer systems and planning to minimize possible threats.
12. Upgrading existing security systems or designing new ones.
13. Testing security products and evaluating them.
14. Simulating security breaches to test procedures.
15. Making plans for disaster recovery in case security is breached.
16. Carrying out corrective actions in the event of a breach.
17. Looking for weak points in the system and securing them.
18. Ensuring that international and national network security standards are met.
19. Preparing technical documentation and reports for users and managers.

Professional Eligibility

Candidates with certification in information security (CISSP, CSSLP, CCFP, CISM, CCSP, CEH, Security+ of CompTIA, CISA, etc.) or comparable work experience will be given preference.

Skills

- Excellent communication skills and the ability to work well with people at every level and in every department are essential.
- Ability to manage many important projects simultaneously.
- Ability to resolve conflicts between security and business objectives.
- Ability to see the big picture.
- Real-world, hands-on experience with information security tools and best practices.
- Commitment to staying on top of the technology for information security standards.
- Honesty and high-integrity character.
- Demonstrated good judgement.
- Ability to work independently.

Education

A bachelor's degree in information technology, computer science, or a related field is required. A minimum of ten (10) years of related work experience, with at least 5 years in an information security management position, is also required.

Experience

- Extensive work experience and familiarity with Demilitarized Zone firewalls, web application firewalls, intrusion detection protocols and intrusion prevention measures, anti-DDoS, anti-phishing, anti-spam, anti-virus, anti-malware, cybersecurity, etc.
- Risk analysis/assessment experience a plus.
- Experience with Microsoft Windows Server/Unix server required. Microsoft O365 experience preferred.

Responsibility

The Information Technology (IT) Security Manager is responsible for developing and managing Information Systems cyber security, including disaster recovery, database protection and software development security standards. He is an expert in IT security standards and compliance requirements, including best practices, architecture and systems, to ensure implementation of and adherence to information system security across the enterprise.

The Information Technology (IT) Security Manager takes responsibility for overseeing and controlling all aspects of computer security in a business. The job entails planning and carrying out security measures that will protect a business's data and information from deliberate attack, non-authorized access, corruption and theft.

The Information Technology (IT) Security Manager implements security tools, procedures, policies and methods for auditing and addressing non-compliance with information security standards. He continuously and regularly evaluates the organization to ensure compliance with information security standards, including the relevance of its technology and security practices to industry security best practices.
