PRIMARY FUNCTION
The Sr. Information Security Project Manager and Analyst holds dual responsibilities. As a Sr. Project Manager, this individual manages the end-to-end implementation of Information Security and Compliance-related projects. As an Analyst, responsibilities include appliance administration, report creation and evaluation, and alert management. Reporting directly to the Senior Director of Cyber and Information Security, this role partners with management, engineering, IT, development, and other business units throughout the organization.
This position requires creating detailed work plans, schedules, project estimates, resource plans, and status reports. The individual conducts project meetings and is responsible for tracking and analyzing projects. Utilizing project management disciplines and experience, the role includes developing project plans with clear definitions, scope, business requirements, cost, resource allocation, and quality/reliability metrics.
ROLE AND RESPONSIBILITIES
- Manage one or more Information Security-related projects from initiation to completion.
- Serve as the primary liaison between the business PMO and various technology work streams.
- Provide resource and budget plans to ensure projects are completed on time and within budget.
- Manage schedules, risks, and issues using standard project management tools.
- Provide regular reporting at appropriate intervals to various levels of the organization.
- Write functional, technical, and report specifications.
- Create RFPs and assist in vendor identification and selection.
- Lead business process re-engineering, create process maps, and contribute to training materials.
- Track and report project status, including:
  - Schedule, budget, milestones, metrics, key events, risks, and issues to IT management and stakeholders.
- Ensure all relevant personnel are trained on processes and standards.
- Manage cross-functional project teams responsible for all phases of the project lifecycle, including analysis, design, development, testing, and ongoing support.
- Participate in test case and script development.
- Oversee quality assurance and testing of deployed solutions.
PREFERRED SKILLS
- Experience in financial services or other highly regulated industries.
- Project Management Professional (PMP) certification preferred.
- Bachelor’s degree in Computer Science, Information Systems, Math, or related field.
- Minimum of 7 years of project management experience.
- At least 10 years of IT experience in large-scale, distributed environments with hands-on expertise in multiple technologies.
- Proven ability to manage and deliver complex technology projects.
- Strong verbal, written, and analytical skills with the ability to interact at all organizational levels.
- Demonstrated experience preparing Requests for Proposals (RFPs), including:
  - Identifying business requirements.
  - Documenting business requirement statements.
  - Preparing business process flow maps.
  - Evaluating vendor responses.
- Extensive experience managing projects involving:
  - Business process analysis and re-engineering.
  - Application deployment, system integration, development, installation, testing, and quality assurance.
  - Data conversions, organizational change management, and training plan development.
- Proficiency in project management tools for developing and managing comprehensive, integrated project plans.
- Experience working in a team environment and articulating the project lifecycle.
- Strong leadership skills, including the ability to lead and matrix manage teams through influence.
- Previous experience in the financial industry is preferred but not required.
QUALIFICATIONS AND EDUCATION REQUIREMENTS
- Bachelor’s degree in Information Systems, Computer Science, Information Security, Data Security, Network Security, or related discipline required (advanced degree is a plus).
- CISSP certification is required. Additional certifications, such as CISM, CISA, or Security+, are a plus.
- Minimum of 8 years of recent, hands-on experience with modern technologies.
- Systems analysis experience, including:
  - Gathering requirements, constructing RFPs/RFQs, devising proof-of-concepts, defining test cases, and creating detailed status reports.
  - Driving critical security infrastructure projects.
- Working knowledge of security technologies such as DLP, SIEM, IDS/IPS, web filters, two-factor authentication, web application firewalls, and Active Directory Group Policy.
- Ability to establish SLA and KPI-driven metrics for performance measurement.
- Experience with vendor management.
- Familiarity with network technologies: switches, routers, firewalls, VPNs, and remote connection technologies.
- Familiarity with security tools like Qualys, Rapid7, Q1 Labs, McAfee Suites, FireEye, BlueCoat, Juniper, Palo Alto Networks, and MDM solutions (preferred).
- Knowledge of vulnerability sources such as SANS, US-CERT, Symantec, SecureWorks, and other industry-standard providers.
- Familiarity with public and paid intelligence sources such as ICS-CERT, FBI Infragard, Verizon iDefense, RiskIQ, and Critical Intelligence.
- Strong communication skills with the ability to write concise, compelling narratives and present technical and business issues effectively.
- Solid analytical and problem-solving skills, with the ability to think strategically and implement solutions.
- Able to work independently while collaborating effectively with other teams.
- Leadership skills to guide, mentor, and support staff.
- Physical requirements: able to lift 50 lbs. and interpret color-coded events.
- Must be available for a 24/7 rotating on-call schedule.