TechConnect is seeking an Information Security Manager for an industry leading client based in Tulsa, OK. This is a critical position for our client, and they need an individual that is well versed in cybersecurity best practices with a proven track record implementing, maintaining and leading the overall information security program for an organization. This individual must be able to manage and develop a team of technical individuals while managing multiple projects and priorities in a fast paced environment. They need someone that is efficient, dependable, has the desire to help others, foster a collaborative and innovative team environment while promoting a culture of security awareness throughout the organization.
As the ISM your responsibilities will include overseeing the entire information security direction for the company. You will manage security operations, ensure security policy compliance, direct security incident response, and lead a team of technical analysts and engineers in multiple locations. Ideally the ISM will have a blend of hands-on skills, leadership skills to drive the cybersecurity team and strategic vision that will propel the company forward with the right level of security measures for a company this size, in this industry and help secure growth plans.
To be successful in this role you must be well versed in information technology and cybersecurity best practices. You must have excellent communication and interpersonal skills with the ability to effectively collaborate with stakeholders at all levels. You must ask the proper questions, listen to the customer and determine the root cause of issues. You must find the appropriate balance for cybersecurity controls and the business’ ability to operate efficiently. You will need to exhibit excellent decision making and analytical problem solving skills with the ability to complete tasks in a production based environment. You need to be highly organized, have a strong attention to detail, be able to work independently as well as thrive in a team environment while providing excellent support and service.
Responsibilities (continued)
- Manage proper utilization of security products such as EDR, NGFW, NDR, SIEM, M365 security features and other cybersecurity technologies.
- Develop, implement and enforce security policies, procedures and guidelines.
- Develop centralized monitoring and response standards that align with security monitoring regulatory requirements, internal/external assessments and internal cyber policies. Ensure compliance with relevant laws, regulations and industry standards.
- Assist teams in gathering required information and evidence to support compliance requirements.
- Coordinate and manage responses to security incidents, conduct thorough investigations and implement corrective actions to prevent future incidents.
- Support an effective incident response and business continuity plan.
- Work with the CIO to:
- Develop, implement and manage the information security program according to the companies goals and industry best practices.
- Coordinate and participate in incident response preparation activities with relevant technical and business teams.
- Identify, assess and prioritize information security risks with business leaders and risk teams to develop and implement risk mitigation strategies.
- Develop and maintain information security procedures.
- Monitor and guide compliance with established policies and security regulatory requirements.
- Align security initiatives with business objectives.
- Conduct regular risk assessments and vulnerability analyses.
- Evaluate and assess the adequacy and effectiveness of controls in place to safeguard data privacy and confidentiality.
- Lead the professional development of team members to include training, mentoring and performance evaluations. Oversee training programs to educate employees about security policies and best practices, and contribute to the development and delivery of security awareness training programs.
- Stay on top of emerging security threats, technologies and best practices.
- Deliver expert advice to stakeholders regarding the security status of the enterprise environment and prepare various cyber reports such as cyberthreat intelligence situation reports regarding observed activity from security tools.
Qualifications
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity or related field, with a minimum of 5 years’ experience in information security leadership or a similar role.
- Experience working with EDR, NGFW, NDR, SIEM, M365 security features and other standard cybersecurity technologies.
- Experience managing security operations for a multi-site environment.
- Strong understanding of security frameworks, standards and best practices such as NIST, CIS CSC, ISA/IEC 62443.
- Effective communicator and leader with the ability to assess risk, develop effective mitigation strategies and an overall strong technical knowledge of network, application and infrastructure security.
- Preferred – Experience conducting information systems and cybersecurity audits. Certifications such as CISSP, CISM or equivalent.
Work Location/Travel
- 100% onsite, no remote work (client facility located in Tulsa, OK).Some travel is expected for this position (Oklahoma, Texas, Missouri and Oregon as needed).
Benefits
- This position comes with a strong benefits package that includes health, 401(k) with a strong match, stock options, bonus opportunities and more.
Physical Functions/Work Environment
- Ability to work in normal office and manufacturing conditions.Office is a climate controlled setting. There can be sitting for prolonged periods in this role.
Position Type