- Acts as a key participant in the development, implementation, and monitoring of the enterprise information security program.
- Provides security consultation to IT management and IT staff at the highest technical level on all phases of the system development lifecycle.
- Consults with IT and security staff to ensure that security is factored into the evaluation, selection, installation, and configuration of hardware, applications, and software.
- Recommends and coordinates the implementation of technical controls to support and enforce defined security policies.
- Oversees the development of and/or alignment to technology hardening standards. Develops and communicates West Bend's multi-year information security strategy.
- Works with the Manager of Information Security to develop budget projections.
- Researches, evaluates, and recommends the implementation of new or updated information security hardware or software.
- Performs security reviews of onsite, third party technologies and sets security standards for implementation.
- Partners with Enterprise Architecture to understand potential threats that must be mitigated in defined solution approaches. Performs the architect role for IT security initiatives.
- Reviews mitigations and remediation of security incidents/vulnerabilities to ensure they are appropriate. Maintains awareness of Enterprise risk categories and mitigation strategies that require security solutions.
- Monitors the external environment for emerging threats, and reviews these threats within the Information Security Program.
- Working with the engineering and development teams, develops and implements controls and configurations aligned with security policies and legal, regulatory, and audit requirements.
- Assists IT Service Owners in understanding and responding to security audit failures/risk assessment findings reported by Information Security and auditors.
- As a member of the Architecture Review Board, ensures technology solutions conform to corporate security architecture. Participates in the information-security governance process.
- As a member of the Change Advisory Board, assesses the impact of changes on our security.
- 3-5 years of IT Architecture experience
- Minimum ten years of combined Information Security/IT experience, with at least seven of those years being directly related to the security field
- Experience working with SaaS vendors/products from a security assessment, risk and compliance perspective
- Experience working with legal, audit, and compliance staff
- Strong leadership skills
- Excellent written and verbal communication skills
- Strong analytical skills
- Experience with common information security management frameworks, such as NIST, ISO 2700X, ITIL, and COBIT