Website Henson Group
Consumer Firm & .com
Seeking Manager IT Security and Compliance Consultant in NYC. Base starting at $155,000 plus bonus. If you know of a viable candidate, we are offering $1,000 for any referrals we hire. Please let me know.
· Establishes and leads the security governance committee that ensures that security strategies and policies are balanced with business goals and risk management.
· Develops and implements a security framework, consistent with industry practices, that outlines security policies for the organization, and socializes these policies into organizational procedures. This would include the development and execution of processes to monitor adherence to the implemented policies, as well as facilitating the development of corrective actions, as appropriate.
· Develops and implements a security model that defines security policies, technology strategies, and usage requirements, and provides metrics for reviewing overall policy effectiveness.
· Develops the IT security requirements for all layers of information technology applications, operating systems, network infrastructure, application integration, information access, and secure development lifecycle.
· Establishes a compliance and audit process that links to enterprise governance and provides certification across standards (ISO 27001).
· Responsible for management of IT compliance requirements: PCI and Sarbanes-Oxley controls, working with Internal Audit and Legal Depts, as necessary.
· Recommends changes to security controls and business application solutions.
· Manages the process for conducting periodic vulnerability and security risk assessments and scans.
· Monitors compliance programs according to policies and procedures for infractions or exposure and provides timely reporting to senior management.
· Maintains focus on compliance of security practices within emerging technologies, including those within the mobility and internet channels. Provides guidance to IT and business management on impacts of such technologies on overall operations.
· Provides oversight of security projects, facilitation of security and audit assessments of IT systems hardening and security best practices, and vulnerability remediation.
· College degree or equivalent work experience
· Bachelor's degree or higher in Computer Science, Information Systems or related field. Equivalent combination of education and experience is acceptable.
· CISSP certification (good to have)
· 7+ years of experience in technology field with a focus on security management.
· 5+ years of experience in the area of governance, risk and compliance
· 5+ years demonstrated project management / leadership skills.
· Knowledge of networking and security technologies such as IPsec, VPN, routers, switches, firewalls, intrusion detection/prevention, data leakage, and WAF.
· Ability to work independently and manage multiple competing priorities.
All your information will be kept confidential according to EEO guidelines.