Job Detail


Senior Manager, Information Security Operations

Job Number: 51867

Direct Hire

Lincolnshire, IL

Posted on May 16, 2018

.bd_title { font-weight: bold; }

The IT Security Senior Manager oversees day-to-day security operations. You will lead and manage the security operations team while assisting with the coordination of activities within the IT Security organization. Acts as a key contributor to the design, implementation, administration, maintenance, and monitoring of the Security Program. Facilitates compliance with audit, legal, regulatory, and customer contract requirements. 


Essential Duties and Responsibilities:

·        This Security Senior Manager role will assist with coordination of activities within the IT Security organization and reports to the Chief Information Security Officer. The person occupying this role will be a key contributor to the design, implementation, administration, maintenance, and monitoring of the Security Operations Program.

·        The Security Senior Manager will provide strong leadership in a high-paced environment. 

·        The Security Senior Manager role supports the CIO, CISO, Legal, and others for investigations, which may involve significant threats and/or the loss or misappropriation of assets. Preferred candidates will have significant experience in a role that required them to effectively identify, investigate, resolve, and track the remediation of security incidents.

·        The position requires a high level of technical knowledge in the area of application, operational, physical/facility, network, server, and workstation security.

·        Preferred candidates will be capable of assessing risks, designing mitigating security and control practices, influencing the culture of the company through training and education, coordinating with information and business owners on security issues and practices, monitoring compliance, and preparing and enforcing policies.

·        Performs security, risk, and vulnerability assessments of wired and wireless networks, information systems, and applications.       

·        This role is responsible for helping to facilitate compliance with legal, regulatory, and customer contract requirements.

·        The candidate is expected to maintain knowledge of complex industry trends, current security issues and security technology development, and be able to provide updates to management on potential threats and risks that could impact the business/operations.

Other Duties and Responsibilities:

·        Developing, drafting, and maintaining Corporate and Security policies, facility security plans, control standards, and system and application standards. Scope of role also requires providing inputs into Contingency Plans, Backup Plans, Disaster Recovery Plans, Incident Plans, and Emergency Mode Operations Plans.

·        Performing security, risk, and vulnerability assessments of wired and wireless networks, information systems, and applications. Scope of role includes researching and maintaining proficiency in computer network exploitation, tools, techniques, and countermeasures.

·        Conducting IT and Security audits, writing reports, reviewing findings, making recommendations to management, and tracking remediation progress in collaborating with IT, Internal Audit, Compliance, business owners, and business unit leads.  

·        Analyzing and evaluating security operations to identify risks or opportunities for improvement.

·        Will perform other duties as assigned


Job Requirements (Education, Work Experience, Certifications, Skills):

·        Bachelor's degree or equivalent work experience

·        12+ years of related experience with a minimum of four years of technical experience in one or more of the following: computer and network security, vulnerability testing, intrusion detection/prevention, security monitoring and event correlation, or computer forensic analysis

·        4+ years of management experience- must have experience leading and managing others

·        Relevant Information Security certifications (ex. CISSP, GIAC, MCSE, CEH, CHFI, CISA, CISM, CRISC, etc.)

·        Strong understanding of security information breech trends and management tools

·        Experience implementing security and compliance best-practice processes and procedures

·        Strong understanding of IP, TCP/IP, and other network administration protocols

·        Strong understanding of Network Architecture

·        Experience working in a heterogeneous technical environment

·        Experience working as a member of a project team

·        Experience implementing ITIL best practices

·        Experience managing projects that require interaction with the business

GDH Consulting, Inc. provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, genetic information, veteran’s status or any other category protected by law. In addition to federal law requirements, GDH Consulting, Inc. complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities and/or employees. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, benefits and training.