Information Security Manager Job Description

Information Security Manager Job Description

4.5
183 votes for Information Security Manager
Information security manager provides management guidance and expertise for all PCI gaps to our business unit partners supporting in-scope environments for PCI-DSS Compliance.

Information Security Manager Duties & Responsibilities

To write an effective information security manager job description, begin by listing detailed duties, responsibilities and expectations. We have included information security manager job description templates that you can modify and use.

Sample responsibilities for this position include:

Monitoring of all security operations including SIEM platform, AV, Firewalls, Identity Management Platform, access request processing, digital loss prevention
Provide Archer technical expertise and leadership to a team of highly technical employees
Provide work direction, delegation, and prioritization to the Archer team
Evaluate and recommend information security technologies and practices
Advise on and monitor compliance with information security mandates
Interpret security policies, regulations, standards, and other mandates into security control requirements and assess environments against those requirements
Participate in computer security incident response activities, including incident identification and investigation, containment and remediation, reporting, and post-incident analysis
Conduct and manage technical exchanges with internal and external partners
Advise and assist with the design and implementation of counter-measures or mitigating controls
Liaise with senior subject matter experts

Information Security Manager Qualifications

Qualifications for a job description may include education, certification, and experience.

Licensing or Certifications for Information Security Manager

List any licenses or certifications required by the position: CISSP, CISM, CISA, GIAC, SANS, ISO27K, CRISC, ISO, ISSMP, PCI

Education for Information Security Manager

Typically a job would require a certain level of education.

Employers hiring for the information security manager job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Information Security, Education, Information Technology, Technical, Engineering, Information Systems, Business, Computer Engineering, Computer Information Systems

Skills for Information Security Manager

Desired skills for information security manager include:

Databases
Networking
COBIT
Multiple IT control and project management practices
ITIL
Access Management
Experience working across large environments
Firewalls
NIST
PCI DSS

Desired experience for information security manager includes:

Broad experience in developing communication strategies, communication plans, stakeholder analysis' and adoption plan
Experience writing for a wide variety of channels
Ability to work effectively with others across all levels of the organization
Experience translating highly technical information into an easily digestible communication
CISSP or CISA is desired
Systems & network administration knowledge (Linux, Windows, Cisco )

Information Security Manager Examples

1

Information Security Manager Job Description

Job Description Example
Our company is growing rapidly and is searching for experienced candidates for the position of information security manager. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for information security manager
  • Collaborate with clients IT / Information Security teams to integrate Conifer’s identity access management process with their existing processes
  • Ensure compliance to standards and regulations such as ISO 27001, PCI DSS, state and national laws in information security
  • Monitor compliance with the Bank’s Information Security Program and Policy, referring issues to the appropriate managers
  • Experience with analyzing, troubleshooting, and investigating security-related anomalies based on security platform reporting, network traffic, log files, host-based and automated security alerts
  • Evaluate, Architect, design, implement and support security-focused tools and services including project leadership roles
  • Participate in security compliance efforts (e.g., PCI, DSS, SOX)
  • Evangelize security within Company and be an advocate for customer trust
  • Introduce and implement ISO 27001 standard throughout the business and ensure compliance
  • Leading cross functional teams through auditing and compliance activities including Sarbanes Oxley (SOX), Payment Card Industry (PCI), customer audits, Internal Audit
  • Establishes and manages the capability to prevent, detect, contain, mitigate and recover from information incidents to minimize business impact
Qualifications for information security manager
  • The incumbent is guided by the Bank’s Information Security Policy and Standards and the requirements of Bank regulators and auditors departmental procedures
  • CISA, CISM and/or CISSP designation beneficial but not required
  • Prior experience in a risk and control role would be an advantage
  • 5 years information security manager experience with a significant portion related to the healthcare industry
  • Knowledge of IS systems and security
  • Knowledge of health information security laws (including HIPAA), regulations, PCI, industry standards and best practices
2

Information Security Manager Job Description

Job Description Example
Our innovative and growing company is looking for an information security manager. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for information security manager
  • Lead or participate in technical security mitigation
  • Coordinate with internal departments and communicate technical security concepts in business terms
  • Support security incident response and management work
  • Lead teams (direct and out sourced) to deliver Conifer personnel access to client and other external applications
  • Identify, assess, and prioritize identified risks
  • Collect evidence, artifacts, and document findings to support conclusions
  • Provide recommendations for remediation of identified deficiencies
  • Track and report on findings/deficiencies to closure
  • Manage remediation efforts and report on the status of control deficiencies
  • Support information security investigations in the respective areas of responsibility
Qualifications for information security manager
  • Knowledge on contemporary technologies like virtualisation and cloud computing
  • Knowledge on information security standards / regulations like ISO27001, SOC , DPF, ISO27018
  • A minimum of 8 years of experience in the information security, risk, or project management fields
  • Bachelor of Science in Computer Science, Management Information Systems from an accredited institution is preferred
  • 6 years of information security experience, including experience with risk management and experience communicating information security concepts to varying audiences
  • 4 year degree in information technology or related field
3

Information Security Manager Job Description

Job Description Example
Our company is growing rapidly and is searching for experienced candidates for the position of information security manager. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for information security manager
  • Oversee Information Security incident response planning the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary
  • Serve as a subject matter expert providing advisory services related to security architecture strategy security requirements implementation both internally and at the global level
  • Supervise the execution of vulnerability assessments, penetration tests and security audits
  • Creatively and independently provide resolution to security problems in a cost-effective manner
  • Lead the security engagement with this MoD client
  • Initiate and conduct accreditation support
  • Provide expert security guidance to client stakeholders including senior management and partner organisations
  • Management of security related incidents to third parties, including supply chain organisations and their subsidiaries, testing organisations, document and asset handlers and in-directly contracted client partners
  • Evaluate IT/OT security requirements to make sure they are appropriately architected, designed, and implemented
  • Represent the cyber security needs of IT/OT by providing security expertise and assistance for all IT/OT projects
Qualifications for information security manager
  • CISSP, GIAC, CISA certifications desired
  • 5-10 years of relevant information risk, security, and compliance experience in a large, enterprise environment
  • 5-10 years of direct IT Operations and infrastructure support experience
  • Must possess a deep understanding of Security Administration, Regulations, Audit/Controls and Techniques
  • Security Administration and Management, including AD/LDAP and NTFS in an enterprise setting
  • 5-7 years experience in Information Security, Risk Management, Internal Audit, Compliance or Reengineering within the Banking or Financial Services industries
4

Information Security Manager Job Description

Job Description Example
Our company is looking for an information security manager. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for information security manager
  • You have a strong understanding of technical terminology
  • You have a successful record of accomplishment of developing strategies, and designing and executing on the associated plan
  • You are CISSP, CISA or CISM certified, optional but not mandatory
  • Ideally, you have Project Management experience, optional but not mandatory
  • Provides program management expertise for large to enterprise scale programs with moderate to high complexity
  • Collaborating with staff and management of multiple worldwide business units and outside 3rd parties to clearly identify, explain, and communicate their program involvement, program goals, expectations, tasks, and timelines
  • Owning the program portfolio by integrating various project schedules, task assignments, and managing schedule progress - from large phases through to detailed tasks, including understanding and managing dependencies
  • Drives key initiatives in the Program Management Office to strengthen and improve efficiencies across projects
  • Identifies areas for process improvement and forms working groups to carry out those improvements
  • Portfolio management experience at the program level
Qualifications for information security manager
  • Formal training in risk assessment methodology, industrial control systems, external penetration testing and forensic training is preferred
  • Structured project management experience and broad experience in computer and network systems, application development security, desktop environments
  • Monitors advancements in information security technologies
  • Knowledge and experience of ISO/IEC 27001, Privacy, Risk Management, Information, Personnel, Physical security, Information security, Business Continuity and Crisis Management
  • Proven knowledge of PCI-DSS
  • Demonstrated ability to thrive in an Agile development environment
5

Information Security Manager Job Description

Job Description Example
Our growing company is looking to fill the role of information security manager. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for information security manager
  • Demonstrating high quality team management practices with a highly productive team
  • Providing direct and indirect guidance and strategic coaching of architectural staff
  • Advising, influencing, and educating the rest of the company on matters of security
  • Communicating technical ideas and strategy clearly to technical and non-technical audiences in multiple media (e.g., speech, presentations, and prose)
  • Collaborating with Engineering and Operations management around security goals
  • Delivering results in a quickly changing environment, and making progress on strategic and tactical goals transparent to management and cross-business teams
  • Developing and maintaining positive working relationships with business units, including developing a strategy to support their security maturity
  • Supporting product teams in understanding the risks their technical choices bring to the business
  • Reviewing new technologies and products for security implications, including safety, compliance and operational aspects
  • Providing expert advice during security incidents
Qualifications for information security manager
  • Strong knowledge of application security & OWASP framework
  • Operational knowledge of threat & vulnerability management tools
  • Industry certification in information security such as CEH, CISSP, GIAC or equivalent
  • Managing a team of cybersecurity and information security professionals supporting daily operational tasks, security services delivery, projects and initiatives
  • Knowledge of security frameworks, standards, guidelines and best practices required
  • Experience leading a transition from manual to automated environments, , tasks, processes, pipelines

Related Job Descriptions

Resume Builder

Create a Resume in Minutes with Professional Resume Templates