Security Program Manager

Full Time Jefferson City, Missouri, US Beacon Hill Staffing Group, LLC

Job Description

The Security Program Manager provides leadership, direction, and collaboration with cross-functional teams to deliver security program best practices throughout the organization. This includes developing, implementing, and iterating security program risk assessments, management policies, procedures, frameworks, and metrics to achieve a safe and secure business environment. The role will operationalize and scale a durable security program aligned to regulatory, customer, and corporate security requirements. Daily duties involve working closely with IT, compliance, security analysts, security vendors, and business stakeholders.

Responsibilities

Collaborate with CIO, IT management, Compliance Officer, Privacy Officer, and other leadership to define information security, risk, and compliance requirements for the organization.

Responsible for the development, establishment and maintenance of an Information Security Program that is consistent with Organization’s mission, values and operating goals while meeting all legal, regulatory, and contractual requirements.

Collaborate with a cross-functional team to develop and conduct information security risk assessments to identify information security risks for the organization and drive the implementation of recommended mitigations.

Oversee the development, implementation and maintenance of the Organization’s Information Security policies, practices, and standards necessary to address regulatory requirements and identified risks.

Recommend and coordinate the implementation of technical controls to support and enforce defined security policies.

Design, coordinate and oversee security testing and audit procedures to verify the ongoing effectiveness of existing security controls and manage the remediation of identified risks.

Manage incident response activities from identification, detection, response, and mitigation to identified security incidents including collaboration with other teams such as Compliance, Legal and Communications to ensure organization is appropriately protected and regulatory requirements are met through all stages of managing the incident.

Ensure that all acquisitions and outsourcing efforts address information security requirements consistent with organization goals through the assessment of the security practices of potential and existing vendors and assisting with the review and approval of Service Level and Data Security Agreements.

Foster a culture of security awareness by overseeing staff training programs, security awareness campaigns, and regular communications and collaboration with personnel at all levels of the organization.

Lead the Security Committee and ensure awareness of the organization’s security posture through regular reporting to the Compliance Committee and Senior Leadership.

Counsel and advise cross-functional teams to ensure consistent application of security policies, standards and best practices across all technology projects, systems, and organization initiatives.

Serve as primary point of contact for security-related issues and questions throughout the organization and provide internal and external guidance with respect to security strategy.

Proven subscription to the company’s core values of integrity, trust and respect, innovation, stewardship, excellence, and celebration.

Education, Skills, Personal Attributes, and Experience Required

BA/BS in Computer Science, Information Systems, or similar field (or BA/BS in Business with a minor in Computer Science, Information Systems, or similar field), or equivalent work experience. A Master’s degree, MBA or advanced educational degree preferred.

Must have and maintain a CISA, CISM, or CISSP certification.

Previous experience aligning security programs to frameworks such as SOC, NIST, CIS, HIPAA, HITRUST, and PCI.

Minimum 7 years of work experience in information security program management in a complex IT environment.

Analytical, problem-solving, negotiation and organizational skills with a clear experience focusing under pressure.

Technical and managerial expertise in the administration of security controls.

Superb interpersonal, verbal, and written communication skills with the ability to convey complex concepts to a broad range of technical and non-technical audiences.

Experience managing competing priorities and simultaneous/concurrent projects in a fast-paced environment.

Must possess excellent computer software skills with Microsoft Windows, Office, Visio (or equivalent) to produce documentation as part of the security program.

Be independent, results oriented, and thorough in examination and analysis.

Beacon Hill is an Equal Opportunity Employer that values the strength diversity brings to the workplace. Individuals with Disabilities and Protected Veterans are encouraged to apply.

Company Profile:

Beacon Hill Technologies, a premier National Information Technology Staffing Group, provides world class technology talent across all industries utilizing a complete suite of staffing services. Beacon Hill Technologies’ dedicated team of recruiting and staffing experts consistently delivers quality IT professionals to solve our customers’ technical and business needs.

Beacon Hill Technologies covers a broad spectrum of IT positions, including Project Management and Business Analysis, Programming/Development, Database, Infrastructure, Quality Assurance, Production/Support and ERP roles.

Learn more about Beacon Hill Staffing Group and our specialty divisions, Beacon Hill Associates, Beacon Hill Financial, Beacon Hill HR, Beacon Hill Legal, Beacon Hill Life Sciences and Beacon Hill Technologies by visiting .

We look forward to working with you.

Beacon Hill. Employing the Future

AC2019