Information Security Manager

Role:- Information Security Lead

Location: Hybrid in Bellevue, WA (at least 3 days/week)

Experience :- 12 Years

Length: One year contract to start, possible contract to direct

Visa Status:- Except for OPT and GC through an employer any visa is fine.

Description:

We need someone with expertise in security technology and experience in the operations of security tools and/or the operation of security tools within products or services.

This person must work at companies engaging in such activities, ( development/ SI’s ) rather than being part of the more compliance-oriented departments in security.

Role:-

The Information Security Lead develops, maintains, and publishes required information security standards, procedures, and guidelines per domain of responsibility.

Responsible for conceiving and executing forward-looking security systems or processes design, implementing programs for user awareness, compliance monitoring, security controls design and implementation.

Key Responsibilities

• Maintain the organization's information security effectiveness and efficiency by defining and leading the implementation of security approaches, standards, and procedures supporting strategic plans and directions
• Lead teams to resolve Information Security challenges.
• Provide the information security requirements for cross-organization projects and accompany the implementation of the requirements.
• Utilize deep information security understanding to support internal and external business-related activities, and formulate IS solutions based on technical and business requirements.
• Maintain a detailed knowledge of IS solutions and present them to our customers.
• Lead unit-level initiatives and ensure competency to meet the needs of the team/ Amdocs /Customers.
• Design solutions and formulate response to RFx, create POC/demos, and present IS solutions to customers/corporate stakeholders.
• Utilize deep technical knowledge of IS products and services to align appropriate solutions based on client needs.
• Lead and manage Information Security Projects, including (as required) budget and resources, customer relationships, timelines, deliverables, quality, and overall management.
• Recommend information technology strategies, policies, and procedures by evaluating the organization's outcomes, identifying problems, evaluating trends, and anticipating requirements.
• Keep updated with emerging security threats and alerts; conduct research on emerging products, services, protocols and standards in support of security enhancement and development efforts; collaborate with other cyber threat researchers.
• Accountable for meeting quality objectives, adherence to best practices, quality processes, and methodologies; lead continuous improvement via Root Cause Analysis, Lessons Learned, and Prevention processes; Track quality KPIs and continuously improve quality and measurements.
• Promote clarity and alignment with ongoing, effective communication to the project team regarding the unit’s goals and status, project matters, companywide changes, special initiative status, etc.
• Strive for strong and healthy working relationships within the team.
• Provide technical guidance and training to information “owners,” other security managers, and IT associates.

Information Security Manager functions include:

• Lead, manage and mentor teams in specific domains such as risk assessment, cyber technologies, corporate security, PMI, SOC, Penetration testing, security operations, etc.
• Attract, develop, and retain talent to build and maintain strong, effective,e and competent teams, and ensure the enhancement of their knowledge.
• Coach and empower the team and foster an environment that encourages teamwork based on motivation and inspiration.
• Responsible for HR processes such as recruitment, onboarding, the definition of clear goals and objectives, ongoing performance management and feedback, career development, and growth of the team and its members.
• Manage day-to-day employee relations.

Information Security Expert functions include:

• Domain Expertise – be the technical expert and leader of certain domains such as IT, Application, and GRC.
• Comprehensive experience in information security/information security management
• In-depth knowledge of security architectural considerations from an End-To-End security perspective
• In-depth knowledge of information security concepts and methodologies
• In-depth knowledge of compliances (PCI DSS, Sox, DPA, and so on) and IS standards (ISO 27001, BS25999, ISO 20000, OWASP, etc.)
• In-depth knowledge of risk management methodologies and approach
• Knowledge of Secure SDLC methodology
• For management position – proven management experience

Credentials

1. Bachelor’s degree in engineering or equivalent
2. CISA/CISM preferable
3. CISSP/CEH preferable
4. ISO27001 certified