Information Security Manager
New York City
Applications have closed
AIP Connect
AIP Connect connects the right people to the right employers with a refreshingly different approach. We are not your typical recruiter.
Our client, a leading technology consultant, is seeking an Information Security Manager to oversee the organization's information security program and its compliance with ISO 27001 and SOC 2 Type 2 standards. The ideal candidate will have a strong background in information security management, risk assessment, and compliance frameworks, and a proven track record of implementing and managing compliance and governance.
Accessibility: If you need any accommodations during the interview process, please let us know.
Information Security Manager
- Maintain comprehensive information security policies, procedures, and standards to ensure the confidentiality, integrity, and availability of all data and information systems.
- Collaborate with both internal stakeholders and external parties to conduct regular risk assessments and vulnerability scans to identify security and compliance issues and weaknesses.
- Monitor security systems and respond promptly to security incidents, breaches, or unauthorized access attempts.
- Regularly conduct ISMS compliance checks with various business unit leaders and subject matter experts, report findings, and develop recommendations for mitigation.
- Maintain compliance with various emerging legislation to stakeholders.
ISO 27001 Compliance
- Lead the organization's efforts to achieve and maintain ISO 27001 certification.
- Develop and maintain the Information Security Management System (ISMS) documentation, including policies, procedures, controls, and risk registers.
- Coordinate and facilitate internal and external audits to ensure compliance with ISO 27001 standards.
- Drive continuous improvement initiatives to enhance the effectiveness of the ISMS and ensure alignment with evolving business needs and industry best practices.
- Collaborate with internal stakeholders and external auditors to prepare for a future SOC 2 Type 2 audit.
Information Security Management
- Collaborate with teams to develop and communicate roles and responsibilities for key security and compliance areas, including: information security policies/procedures, governance/risk management, security training, privacy and data protection requirements.
- Foster a culture of compliance awareness and accountability throughout the organization and provide status and recommendations for improvements.
- Establish with stakeholders a vendor risk management program to assess, monitor, and mitigate risks associated with third-party relationships.
- Work jointly with the Data Protection Officer (DPO) and other stakeholders to manage and maintain privacy compliance assessments and documentation (e.g., privacy impact assessments).
Qualifications
- Bachelor's degree in Information Technology, Computer Science, or a related field; advanced degree or professional certifications (e.g., CISSP, CISM, CISA) preferred.
- Proven experience in information security management, including ISO 27001 and SOC 2 compliance.
- Strong understanding of cybersecurity principles, best practices, and regulatory requirements.
- Experience implementing and managing security controls, risk management frameworks, and incident response procedures.
- Excellent communication and interpersonal skills, with the ability to effectively engage with stakeholders at all levels of the organization.
- Strong analytical and problem-solving abilities, with a keen attention to detail and a commitment to delivering high-quality results.
- Ability to work independently and collaboratively, managing multiple priorities and deadlines effectively.
Tags: Audits CISA CISM CISSP Compliance Computer Science Governance Incident response ISMS ISO 27001 Privacy Risk assessment Risk management SOC SOC 2 Vulnerability scans
Region:
North America
Country:
United States
Category:
Leadership Jobs