Information Security Manager

Looking for a manager that has a mindset like an engineer and has managed a security budget.

MUST:

• 10 years minimum overall information security
• 3 years managing a team – must be manager title and people managing (ability to improve team culture)
• Experience managing the security budget and doing performance reviews for their team
• Well rounded (This team will handle application control, evaluating technology providers, planning and road mapping initiatives, security operations, risk management, incident response, 3rd party risk processes, and more)
• Someone who is autonomous can make decisions on their own
• Looking for someone who has vulnerability scanning and vulnerability management experience (ideally Tenable OR rapid7)
• Proven examples of experience implementing and deploying single sign on.
• Experience engineering one of these tools to fix a problem for the business: Aquasec/Aqua, Security Guard, Defender for Cloud
• Strong understanding of incident response
• General understanding ISO standards
• Experience with broad exposure to cloud, infrastructure, network, and multi-platform environments.
• Proficient knowledge of IP networking and public cloud security principals.
• Expertise in malware detection technologies and remediation
• Experience with wireless security, network monitoring, network design, windows desktop/server security, database security, routing protocols and incident management.

PLUS:

• CISSP OR CISM
• Degree
• Legal

DAY TO DAY:

Our client, a national law firm, is seeking a Manager of Information Security to join their team as a full time employee in Pittsburgh. This role works a hybrid schedule and will manage a team of 3 security engineers 1 Analyst. This role will also have the capacity to hire a new engineer once this Manager comes aboard. This person will play a pivotal role within leadership, development, and oversight of a comprehensive information security management system (ISMS) and privacy information management system (PIMS) across the firm. The Manager of Information security will manage a skilled team dedicated to security engineering, operations, incident response, and the development of security policies and procedures. This person will have their hands on many different technologies and aspects of security, so we are seeking a well-rounded leader to have their hand in just about everything and not be afraid to jump in and take initiative.