Manager, Information Security Operations

Description:

Job Responsibilities

• Involved in year over year planning, strategic and tactical roadmap creation and execution.
• Builds and maintains strong relationships with key business partners throughout the organization to ensure collaboration, support and minimal organizational impact in execution of security enhancements.
• Ongoing coaching and development of technical team to support engagement, growth and opportunities for advancement.
• Leads the design, implementation, operation and maintenance of the Information Security Management Program, which includes Vulnerability Management, Data Security and Systems Administration.
• Collaborate with counterpart in the Threat Management.
• Leads the design and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies etc. and applicable laws and regulations.
• Leads or facilitates suitable controls selection activities and value add security monitoring solutions, processes and metrics.
• Establishes business centric Information security metrics.
• Negotiates and selects vendors for information security related solutions.
• Performs other duties as assigned.

Qualifications

• 5 years’ experience in an information security role.
• Post-secondary degree/certificate or equivalent experience.
• Completion of, or working towards, a recognized management certification.
• Understanding of IT architecture, development and operations with a focus on information security.
• Ability to communicate, both verbally and in writing, in a persuasive and eloquent manner.
• Advanced analytical and problem-solving skills with the ability to manage and prioritize a busy workload and multiple projects.
• Strong Leadership skills with the ability to engage and influence business and IS leaders.
• Experience coaching, mentoring and/or developing others.
• Ability to develop effective plans that define activities, resources, timelines and cost estimates.
• Ability to make well justified decisions in complex and high-pressure situations.
• CISSP, CISM, GSEC, GIAC and CIPP certifications are considered assets.
• Experience in the insurance/finance industry is considered an asset.
• Understanding of ITIL is considered an asset.