Information Security Manager

Title Information Security Manager Location Houston, St. Paul or Cedar Rapids Pay Rate 140k – 160k + bonus Duration of Job Direct Hire We are looking for an Information Security Manager who is ready to strategize, execute, and drive company-wide information security efforts. In this role you will establish enterprise security strategy though policy, architecture and training processes as well as provide operational oversight of the Company’s security solutions and security procedures. We are honored to be one of the nation’s longest operating engineering firms. Whether we are providing civil engineering services, innovative management solutions to timely challenges, or overseeing the construction of a high profile improvement, the projects we undertake with our clients connect and shape communities, drive redevelopment and sustainability goals, and improve processes for consistent value. What will you be doing? Develop and communicate security strategies and plans to executive team, employee stakeholders, and IT team. Responsible for managing the Company Information Security and Cybersecurity Governance process. Establish and manage a risk-based assessment methodology to prioritize and track security policy, procedure, and technology initiatives. Assess risks and internal controls dependency on systems by identifying areas of non-compliance and evaluating risks related to key technology processes. Develop, implement, maintain, and oversee enforcement of policies and procedures for system security administration and user access. Maintain and improve upon the Company’s current security awareness training program. Develop, implement, and maintain an on-going SOC 2 Type II assessment. Develop and then implement a compliance management framework that maps SOC 2 to other security standards (such as NIST). Supervise all security incident investigations (CSIRT). Develop and maintain business continuity and disaster recovery plans. Project manage initiatives associated with the implementation of policies, procedures, andor technology that relate to information security and cybersecurity. Provide security oversight and approval on the IT Change Approval Board (CAB). Review and respond to dailyweeklymonthly alerts and reports delivered by security and access monitoring systems. Implement a vendor management program focused on protection of company and employee confidential information as it pertains to information transmitted and stored outside of the Company controlled network and systems. Implement a program that enables the Company to protect Personally Identifiable Information (PII) and Personal Health Information (PHI) as well as comply with all federal, state, and local PIIPHI requirements. Manage execution of external penetration tests, internal vulnerability assessments, internal audits (SOC 2), and external client audits. What are we looking for? Bachelor’s Degree in an Information Technology or Information Security field or equivalent work experience. Minimum of 15 years combined in Information Technology and Information Security fields, with at least 7 of those years within the Information Security field Certificates, Licenses, and Registrations One or more of the following certifications are required (ISC)2 CISSP ISACA CISM GIAC GSEC GIAC GSLC Why join our Team? It is your chance to join one of the country’s longest operating engineering firms and a leader in local markets in design engineering and construction with over 500 employees in 16 offices around the nation We offer an excellent compensation and benefits package that includes medical, dental, vision, life insurance, PTO, 401(k) with company matching, long term disability and short-term disability Espo Corporation Willowbrook, IL 60527 (630) 789-2525 View all open jobs at www.espocorp.comjobs httpwww.espocorp.comjobs Leaders in Technical Recruiting Staffing since 1965 We are an Equal Opportunity Employer and value the benefits of diversity in our workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity and expression, national origin, disability, protected Veteran status or any other attribute or protected characteristic by law. Want to learn more? Click here www.dol.govofccpregscomplianceposterspdfeeopost.pdf httpwww.dol.govofccpregscomplianceposterspdfeeopost.pdf . If you need assistance applying please contact us at 630-789-2525.