IT Security Manager Job Description
IT Security Manager Duties & Responsibilities
To write an effective IT security manager job description, begin by listing detailed duties, responsibilities and expectations. We have included IT security manager job description templates that you can modify and use.
Sample responsibilities for this position include:
IT Security Manager Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for IT Security Manager
List any licenses or certifications required by the position: CISSP, CISM, CEH, OSCP, CHFI, CISA, ISO, GIAC, SOX, PCI
Education for IT Security Manager
Typically a job would require a certain level of education.
Employers hiring for the IT security manager job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Education, Information Technology, Information Systems, Business, Technical, Information Security, Management, Engineering, Business/Administration
Skills for IT Security Manager
Desired skills for IT security manager include:
Desired experience for IT security manager includes:
IT Security Manager Examples
IT Security Manager Job Description
- Supports IPS and WAF systems, including maintaining 24/7 on call support and implementing change requests
- Responsible for the updating and tuning of security devices to ensure proper detection
- Manage the review of IT Risk CoG’s policies, ensuring GTI completes assessments on compliance and derives action plans for gaps
- Manage policy gaps to ensure completion within timelines
- Participate in BURCSA assessments to meet annual requirements from EORM
- Act as the point person to GTI and to ORM for control substantiation plans, status of testing and results
- Analyze control testing results and make pillar profiles, recommend and oversee risk mitigation plans and communicate to leadership management
- Accountable to promote awareness of Security and IT Risk across the pillars
- Relationship Management with GTI SME’s, GTI Risk Representatives, IT Risk CoG, ORM and other relevant governing bodies
- Act as reviewer for findings for the GTI Risk Group and track status of findings for GTI
- Operating system, network, and application design principles to participate in all design activities, providing security specific guidance to the process
- Platform, firewall and perimeter protection technologies sufficient to implement state of the art protection systems
- Mobile device management technologies
- Minimum of four years of technology program and project management, software engineering leadership or business analysis experience in a dynamic technology department
- Experience in a media or broadcast company preferred
- Must be willing to work in New York, NY on a full time basis
IT Security Manager Job Description
- Monitor for changes in local, state and federal regulations and accreditation standards affecting information security and make recommendations to Senior Director and other organizational leaders on the need for policy changes
- Overall responsibility for ongoing client service delivery success, retention, and growth
- Delivers program management along with the Client Security Point of Contact
- Develops and grows the relationship with the Client Security Point of Contact while ensuring ongoing program success
- Manages program risks, issues/problems, and activity progress to ensure goals (e.g., deadline, scope and quality) are achieved
- Manages the administrative functions associated with the Client Security Point of Contact including scheduling and facilitating meetings ensuring all directed projects and tasks are delivered on schedule
- Consults regularly with Client Security Points of Contact to implement direction from the Managed Security Services group and ensure Clients have a complete understanding of issues, and resources available to support implementation
- Maintains ongoing communication to understand what each Client is doing as it relates to IT security and how that effort impacts the relevant organization
- Ability to influence and communicate effectively to enterprise c-level leadership
- Identifies opportunities for continuous improvement, oversees the implementation of the change and measures the level of improvement
- A keen understanding of how response capabilities are highly critical for managing enterprise risk
- Ability to communicate technical security objectives orally and in writing to a variety of audiences
- Ability to design, evaluate and document process improvements when conducting lessons learned exercises
- Strong datacenter knowledge in terms of power & rackspace allocations for equipment experience with equipment airflow and cooling characteristics & specifications
- MInimum of 8 year of relevant working experience, with 2 years in a management capacity
- Security certification CISSP, CISA, CISM is a plus
IT Security Manager Job Description
- Conducts vulnerability analysis and threat assessment
- Evaluates security products and recommends solutions for control enhancement
- Establishes metrics to ensure continuous improvement and ongoing compliance
- Provides ongoing analysis and assessment in support of incident response activities
- Responsible for leading the day-to-day IT Security operational activities
- Proactively manage projects towards achievement of business objectives while adhering to agreed scope, time, quality and budget
- Work with the Principal Architect and Engineering Lead to understand the project scope and design and prepare implementation plans
- Work with the Transition Lead to ensure smooth conversion to an operational state including all necessary deliverables from well-defined training plans to defined operational KPIs for success
- Develop project charters, comprehensive plans, budgets, success criteria, metrics, status reporting, communications and other deliverables to ensure successful delivery of projects
- Manage project budgets and departmental reporting to ensure accurate reporting and timely updates for overall IT financial management processes
- Minimum 8-10 years' technical experience working in IT security operations centre and/or related functions such as IT security management and architecture
- Excellent understanding of broad spectrum of technologies to include operations system, active directory, DNS, Messaging
- Knowledge of information security, IT infrastructure and systems development
- Professional security related qualification
- Experience with implementing and operating IPS and WAF security devices
- Extensive knowledge of networking technologies
IT Security Manager Job Description
- Develops and monitors security procedures, practices and policies within all system environments
- Coordinate and track all information technology and security related audits including scope of audits, business units/product/services involved, timelines, auditing bodies and outcomes
- Develop a strategy for dealing with increasing number of audits, compliance checks and external assessment processes for internal/external auditors, ISO 27001
- Partner with Supply Chain, Legal, Comms, Contracts, PMX, BD, Engineering, Operations and EXIM to ensure DFARS Cyber Compliance is engrained into RMS processes and procedures
- Draft clear, concise, and enforceable policies that are compliant with applicable laws and regulations
- Coordinates the day to day activities of the project including cost, schedule, issues, risks, and quality management, ensuring the appropriate level of communications and stakeholder involvement
- Develops and maintains the project management plan, work breakdown structure, project schedule, supporting plans, and other documentation required for successful project completion
- Coordinates and participates in requirements, design, technical, control gate, and other project reviews as required
- Monitors project progress, tracking, escalating and resolving issues or risks, and reporting to management on project status
- Identifies risks and work with Division or Branch management to implement corrective actions and risk mitigation plans as required
- 5+ years formal project management experience managing various types of IT projects (e.g., discovery, software development, infrastructure, capital, applications)
- Bachelor's degree required preferably in the area of business, project management, or technical discipline
- Minimum of 2-3 years of Cybersecurity experience, preferably for medical devices and diagnostic systems software applications
- Proven organizational and project management skills with software development projects
- Ensures BU adoption of product security framework activities
- Tracks and reports adherence to product security requirements
IT Security Manager Job Description
- Performing complex operating system and network security investigations
- Performing and reviewing vulnerability evaluations of software and hardware such as workstations, servers and network devices
- Providing technical resolution for complex system issues and root cause analysis on security events and incidents
- Managing the security operations team
- Reviews security features of new systems, ensuring they meet existing security requirements and policies
- Develops an Information Security Awareness program
- Provide strategic direction to track managers
- Evaluates and defines client requirements for IT risk & security projects
- Defines scope and estimates project costs and details
- Directs engagements by managing junior staff or contractors to meet project commitments
- Additional experience beyond 8 years may be substituted for a degree
- Management training or experience
- At least 7 years of progressive working experience in Information Security or a related discipline such as Infrastructure security or Network security
- Have experience investigating and leading a Cyber Incident Response team in the process of investigating malware, intrusion, unauthorized use, and data breach
- Knowledge of core networking technologies such as TCP/IP, DNS, and DHCP
- CISSP or other security certifications such as ones from GIAC