What are the responsibilities and job description for the Information/Cyber Security Manager position at Jefferson Capital Systems?
Jefferson Capital Systems is seeking candidates for an Information/Cyber Security Manager. In today's ever-growing threat landscape, you will be an integral member of the IT Team, providing security concepts and best practices throughout multiple Business Lines, IT, InfoSec, and DevOps across multiple locations/geographies. You will play a significant role in maintaining industry certifications, collaborating on new business or technology initiatives, and ensuring the protection of the data entrusted to us.
RESPONSIBILITIES:
- Oversee and participate in day-to-day operations of the IT/Info Sec department by training, coaching, communicating expectations and developing personal growth of employees
- Work with senior and peer IT Management to develop short- and long-term plans consistent with company objectives
- Maintain and strengthen IT Security initiatives including ISO 27001, Risk Management, Cloud Security, GDPR, Business Continuity & Disaster Recovery, Asset and Data Classification, and System Hardening
- Leverage security tools such as SIEM, EDR, and vulnerability scanners to monitor and secure our environments
- Assist with the planning, execution, evidence gathering, and remediation of internal/external audits and compliance activities, such as Penetration Tests, Client Security Questionnaires, IT Compliance Audits
- Maintain internal/external compliance against information security policies and procedures by completing internal control reviews and risk assessments. This includes identifying and communicating control gaps, proposing action plans for remediation, and reporting on the completion of tasks
- Participate in ensuring that security controls and best practices are available and maintained in DevOps
- Facilitate internal phishing campaigns, security announcements, security awareness trainings, and security exception processes
- Assist in maturing the overall IT/Cyber Security programs while aligning with security frameworks
REQUIREMENTS:
- 5+ years of experience in IT, Information/Cyber Security and/or related Technology fields
- Functional knowledge of Security Frameworks such as ISO 27001, PCI, SANS, NIST, CIS, GDPR, OWASP Top 10
- Working experience creating and maintaining the operational effectiveness of IT Controls
- In-depth understanding of security tools such as vulnerability scanning, firewalls, IDS/IPS, patch management, EDR, and SIEM
- Hands-on experience with security tools, conducting security audits, and performing security investigations
- Strong communication skills and the ability to be influential through both written and verbal interactions with a variety of audiences
- Proven ability to work independently and as a member of a team
- Ability to maintain productivity while multi-tasking in a fast-paced environment
- Industry-accepted Information Security Certifications are a plus!