Security Program Manager

Beacon Hill - Job Details

St. Louis, Missouri | Direct (Permanent) Full Time | $112,000 - $139,000 per year

November 09, 2022 | Job ID: STLSecProgramAB_1668013898

Job Summary

The Security Program Manager provides leadership, direction, and collaboration with cross-functional teams to deliver security program best practices throughout the organization. This includes developing, implementing, and iterating security program risk assessments, management policies, procedures, frameworks, and metrics to achieve a safe and secure business environment. The role will operationalize and scale a durable security program aligned to regulatory, customer, and corporate security requirements. Daily duties involve working closely with IT, compliance, security analysts, security vendors, and business stakeholders.

Responsibilities

* Collaborate with CIO, IT management, Compliance Officer, Privacy Officer, and other leadership to define information security, risk, and compliance requirements for the organization.

* Responsible for the development, establishment and maintenance of an Information Security Program that is consistent with the organization's mission, values and operating goals while meeting all legal, regulatory, and contractual requirements.

* Collaborate with a cross-functional team to develop and conduct information security risk assessments to identify information security risks for the organization and drive the implementation of recommended mitigations.

* Oversee the development, implementation and maintenance of the Organization's Information Security policies, practices, and standards necessary to address regulatory requirements and identified risks.

* Recommend and coordinate the implementation of technical controls to support and enforce defined security policies.

* Design, coordinate and oversee security testing and audit procedures to verify the ongoing effectiveness of existing security controls and manage the remediation of identified risks.

* Manage incident response activities, from identification and detection through response and mitigation of identified security incidents, including collaboration with other teams such as Compliance, Legal and Communications to ensure the organization is appropriately protected and regulatory requirements are met through all stages of managing the incident.

* Ensure that all acquisitions and outsourcing efforts address information security requirements consistent with the organization's goals by assessing the security practices of potential and existing vendors and assisting with the review and approval of Service Level and Data Security Agreements.

* Foster a culture of security awareness by overseeing staff training programs, security awareness campaigns, and regular communications and collaboration with personnel at all levels of the organization.

* Lead the Security Committee and ensure awareness of the organization's security posture through regular reporting to the Compliance Committee and Senior Leadership.

* Counsel and advise cross-functional teams to ensure consistent application of security policies, standards and best practices across all technology projects, systems, and organization initiatives.

* Serve as primary point of contact for security-related issues and questions throughout the organization and provide internal and external guidance with respect to security strategy.

* Proven subscription to the company's core values of integrity, trust and respect, innovation, stewardship, excellence, and celebration.

Education, Skills, Personal Attributes, and Experience Required

* BA/BS in Computer Science, Information Systems, or similar field (or BA/BS in Business with a minor in Computer Science, Information Systems, or similar field), or equivalent work experience. A Master's degree, MBA or advanced educational degree preferred.

* Must have and maintain a CISA, CISM, or CISSP certification.

* Previous experience aligning security programs to frameworks such as SOC, NIST, CIS, HIPAA, HITRUST, and PCI.

* Minimum 7 years of work experience in information security program management in a complex IT environment.

* Analytical, problem-solving, negotiation and organizational skills, with clear experience maintaining focus under pressure.

* Technical and managerial expertise in the administration of security controls.

* Superb interpersonal, verbal, and written communication skills with the ability to convey complex concepts to a broad range of technical and non-technical audiences.

* Experience managing competing priorities and simultaneous/concurrent projects in a fast-paced environment.

* Must possess excellent computer software skills with Microsoft Windows, Office, Visio (or equivalent) to produce documentation as part of the security program.

* Be independent, results-oriented, and thorough in examination and analysis.


About Beacon Hill

Beacon Hill is an Equal Opportunity Employer that values the strength diversity brings to the workplace. Individuals with Disabilities and Protected Veterans are encouraged to apply.

Founded by industry leaders to set a new standard in search, career placement and flexible staffing, we deliver coordinated staffing solutions with unparalleled service, a commitment to project completion and success and a passion for innovation, creativity and continuous improvement.

Our niche brands offer a complete suite of staffing services to emerging growth companies and the Fortune 500 across market sectors, career specialties/disciplines and industries. Over time, office locations, specialty practice areas and service offerings will be added to address ever changing constituent needs.

We look forward to working with you.

Beacon Hill. Employing the Future™