Contact Us 877.823.3669

IT Security Manager in Golden, CO at SNI Technology

Date Posted: 7/19/2018

Job Snapshot

Job Description

SNI Technology's client located in Golden, CO is actively looking to hire an IT Security Manager for an exciting direct-hire opportunity!

Top Things Needed:

  • Bachelor's Degree in Computer Science or related discipline and/or 5 years' equivalent work experience
  • Must have prior experience in PCI compliance.
  • One of more of the following certifications:
    • MCSE: Security
    • CISSP
    • ISSAP
    • MCSA: Security

POSITION SUMMARY:

The IT Security Manager will perform three (3) core functions for the enterprise:

  • Establish an enterprise security stance through policy, architecture and training processes. These tasks will include the selection of appropriate security solutions, and oversight of any vulnerability audits and assessments. The IT Security Manager is expected to interface with peers in the IT department as well as with the leaders of the business units to both share the corporate security vision with those individuals and to solicit their involvement in achieving higher levels of enterprise security through information sharing and co-operation.
  • Perform day-to-day operations of the in-place security solutions and the identification, investigation and resolution of security breaches detected by those systems. These tasks may include involvement in the implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines and procedures as well as conducting vulnerability audits and assessments.
  • Possess detailed knowledge of the enterprise's security goals as established by its stated policies, procedures and guidelines and to actively work towards upholding those goals.

Please note that this position will not have any direct-reports. This position will not require any management of personnel.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

  • Strategy & Planning
    • Create and maintain the enterprise's security architecture design.
    • Create, and maintain the enterprise's security awareness training program.
    • Create and maintain the enterprise's security documents (policies, standards, baselines, guidelines and procedures).
    • Create and maintain the enterprise's Business Continuity Plan and Disaster Recovery Plan, where appropriate.
  • Acquisition & Deployment
    • Maintain up-to-date knowledge of the IT security industry awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
    • Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security as per the enterprise's existing procurement processes.
    • Oversee the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise's security documents specifically.
  • Operational Management
    • Ensure the confidentiality, integrity, and availability of the data residing on or transmitted to/from/through enterprise workstations, servers, and other systems in databases and other data repositories.
    • Ensure the enforcement of enterprise security documents.
    • Engage in all investigations into problematic activity and provide on-going communication with senior management.
    • Supervise the design and execution of vulnerability assessments, penetration tests and security audits.
    • Perform regular security awareness training for all employees to ensure consistently high levels of compliance with enterprise security documents.
    • Maintain operational configurations of all in-place security solutions as per the established baselines.
    • Monitor all in-place security solutions for efficient and appropriate operations.
    • Provide on-call support for end users for all in-place security solutions
  • General
    • Develop and maintain security policies, including but not limited to, identity and access control, cyber-threat intelligence, incident response/discover, and breach readiness/management.
    • Responsible for Change Management procedures and policies
    • Ensure that all hardware, systems, and infrastructure are PCI compliant. This includes, but not limited to: segregation of networks, audit logging, network scans, timely and independent viewing of audit logs and physical security.

To perform the job successfully, an individual should demonstrate the following F.A.S.T. Track Principles:

  • Friendliness
  • Accountability
  • Service Excellence
  • Team Work

SKILLS, EDUCATION, AND EXPERIENCE:
Knowledge & Experience:

  • Bachelor's Degree or higher in the field of computer science and/or 5 years' equivalent work experience.
  • One or more of the following certifications:
    • Microsoft Certified Systems Engineer: Security
    • CISSP - Certified Information Systems Security Professional
    • ISSAP - Information Systems Security Architecture Professional
    • Microsoft Certified Systems Administrator: Security

Formal Education & Certifications:

  • Extensive experience in enterprise security architecture design.
  • Extensive experience in enterprise security document creation.
  • Experience in designing and delivering employee security awareness training.
  • Experience in developing Business Continuity Plans and Disaster Recovery Plans.
  • Strong understanding of IP, TCP/IP, and other network administration protocols.
  • Familiarity with best of breed security software.