IT Security Manager

Gorbel’s mission is simple: We improve people’s lives.

That mission guides everything we do, from the products and service we provide to our outside customers to the work environment we foster for our employees. We are a manufacturer of material handling and fall protection products for the production and warehouse/distribution sectors. We’re on the cutting edge of manufacturing and distribution; a thriving, growing company that is constantly seeking out new ways to innovate and elevate our products and our processes – and we’re looking for people like you to join us in that mission.

We’re currently hiring for open positions in the US and Canada. We operate in Canada as Engineered Lifting Systems and Equipment (ELS)/DBA Gorbel® Canada, and subsequent communication related to Canadian positions may show the ELS name. You may be contacted by phone by recruitment personnel based in either Canada or New York.

Work Shift

Job Description:

The IT Security Manager reports to the IT Director and is responsible for the security of all computing systems and data as well as the design, implementation, and oversight of all security efforts for Gorbel®. The Security Manager leads the IT Security team consisting of security engineers, provides regular coaching, creates performance goals and completes performance appraisals. The IT Security Manager will provide security engineering support and serve as an escalation resource for security related operational support. The IT Security Manager works closely with all departments to support ongoing business and departmental security initiatives. The IT Security Manager develops and oversees the execution of the overall security roadmap, covering a variety of disciplines such as compliance, risk assessment, vulnerability management, and security incident response. Supports overall corporate strategic objectives. Scope of responsibilities includes Gorbel, Inc., Ravenwood Golf Club, Inc., Engineered Lifting Systems & Equipment, Inc. These entities have multiple locations in the US and Canada.

Specific Duties

• Leads the IT Security team consisting of security engineers.
• Provides regular coaching, creates performance goals and completes performance appraisals.
• Partners with the IT Infrastructure Manager to ensure the security of corporate IT systems and data using best-known methods, tools and security principles.
• Provides engineering support for Information Security platforms as well as escalation operational support for the IT Infrastructure team.
• Assists in the design, implementation and maintenance of security-focused tools and services.
• Serves as the GRC (Governance, Risk and Compliance) subject matter expert
• Collaborates effectively with all departments to help develop and implement appropriate security controls.
• Maintains awareness of current security related events and the impact to business operations.
• Conducts scheduled audits of security controls, prepares reports and presents to leadership.
• Builds and supports a DevSecOps culture.
• Delivers security training and consulting as required.
  
  

Position Requirements

• Bachelor’s degree in Cybersecurity, Information Security, Computer Science, Management Information Systems, Business or other degrees in related fields
• Certified Information Systems Security Professional (CISSP)
• 7 years of experience in a security engineering role within a corporate environment
• 3 years of experience in a leadership role with direct reports
• Experience with On-Premises and Cloud IT Infrastructure
• Experience operating in a GRC role
• Proficient in conducting security audits, preparing reports and presenting to executive leadership
• Proficient in Windows and Linux-based operating systems
• Proficient in Microsoft 365 applications
• Proficient in writing code/scripts with at least two of the following languages: PowerShell, Java/J2EE, JavaScript/AJAX, C#/C /C, Perl, Python, SQL
• Experience automating security-related operational tasks
• Experience with Privileged Access Management solutions
• In-depth knowledge of domestic and international privacy laws. (NY Shield Act, CCPA, GDPR, etc.)
• Commitment to quality and attention to detail
• Strong troubleshooting and problem-solving skills
• Strong communication skills and ability to interact with all levels of the organization
  
  

Ideal Candidate Will Also Have

• One or more of the Certified Information Privacy Professional (CIPP) concentrations (A/C/E/US)
• Experience supporting and maintaining SOC 2 certification
• Experience supporting and maintaining NIST 800-53 standards
  
  

Work Environment

ADA Physical/Mental/Workplace Requirements

• Occasional lifting up to 25 lbs.
• Ability to move easily about a manufacturing factory
  
  

Gorbel® is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, creed, color, religion, alienage or national origin, ancestry, citizenship status, age, disability or handicap, gender, gender identity, marital status, veteran status, sexual orientation, genetic information, arrest record, or any other characteristic protected by applicable federal, state or local laws. Gorbel® is also committed to providing reasonable accommodations to qualified individuals so that an individual can perform their job related duties. If you are interested in applying for an employment opportunity and require special assistance or an accommodation to apply due to a disability, please contact us at 585-924-6204.

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. At Gorbel, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case.

A reasonable estimate of the current range is: Min. $106,577 to Max $159,865