it data Security ManagerAlorica Teleservices, Inc.

Prioritizes, scopes, and manages team(s) responsible for the implementation, execution and monitoring of Information Security processes and procedures. Provides leadership and guidance in securing information owned or used by the firm. Prioritizes, scopes, and manages team(s) responsible for the implementation, execution and monitoring of Information Security processes and procedures. Provides leadership and guidance in securing information owned or used by the firm. Ensures integration of the Information Security Program with firm processes. Executes projects and initiatives that identify and manage information risk. Audits and consults on information risk management practices to various constituents across the firm internally as well as externally including customers and industry bodies. Mentors and develops subordinates through a combination of stretch assignments, performance appraisals, duty rotations, and internal/external training. Job Duties: Monitors emerging technologies for adoption by the firm. Identifies gaps in security architecture and framework suitable for tool automation or enhancement. Identifies functional specifications for tools and proposes solutions to IT leadership. Defines measures and targets to be used as key performance indicators (KPIs). Identifies normal states, variance tolerance, and escalation/alarm thresholds. Manages team performance to target and assists with escalation to ensure timely resolution. Tracks project activities, ensures security deliverables are met on time, Alternate representative to large project. Provides guidance on security policy, technology risk, and appropriate controls. Escalates variance to senior management for guidance and resolution. Responsible for Enterprise Security Architecture. Documents design attributes and target components. Represents Information Security on Enterprise Architecture team. Ensures Security is incorporated into projects and products during plan and design phases. Develops cross-functional strategies to reduce technology and operational risk within the Information Security team and across the firm. Reviews and approves recommended policy and procedure changes. Serves as subject matter expert on IT security and business/firm applications, tools, polices, and controls. Monitors policy and standard review process. Advises Analysts and Engineers on structure, format, and content. Identifies SME and key stakeholders for baselines and standards. Mentors senior engineers on policy hierarchy and development process. Selects vendors in compliance with firm sourcing policies and departmental requirements. Provides input into corporate sourcing practices. Reviews and negotiates Info Sec vendor contracts. Monitors vendor performance to contract and resolves issues. Ensures contract reviews are completed within SLA. Advises Engineers on contract review and commentary. Reviews and resolves escalated language issues. Represents Information Security in direct negotiations with the customer. Monitors and reviews audit processes. Develops metrics for tracking resources committed to audit support. Identifies standard security metrics for external representation. Drives reduction of audits through improved metrics, communications, and billing for audit time. Drafts and delivers awareness content for senior managers. Responsible for execution of annual security awareness training. Reviews and edits internal and external communications for approval by senior management. Seeks content approval though defined channels. Identifies changes to approval path and implements in conjunction with stakeholders. Identifies potential vendor risks, defines parameters, advises engineers on process. Works with peer leads across IT to ensure processes are followed and reviews completed for all vendors as appropriate. Defines tool requirements, selection criteria, and key performance attributes. Projects capital operating expenses. Reviews and approves operating procedures. Develops and maintains incident response and investigation procedures. Ensures staff is properly trained in incident response. Functions as incident commander for Info Sec during security investigations and incident response. Ensures incident findings and ADDITIONAL JOB DUTIES Responsible for understanding and complying with all policies, procedures, and regulations relating to job duties. Perform other duties as assigned by management. QUALIFICATIONS: EDUCATION: Bachelor's Degree or equivalent work experience - Computer Science, Business Administration or Information Assurance - Required Licenses or certifications (Please List) Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or equivalent certification - Required Four years of Information Security experience required. Three to five years of information Security or Technology management experience. KNOWLEDGE, SKILLS, ABILITIES & OTHER CHARACTERISTICS: Specific Job Related Knowledge, Skills, Abilities & Other Characteristics: Proficient personal computer skills including Microsoft Office. Experiencing developing security programs and strategies managing compliance with 3 or more of the following regulatory frameworks: Health Information Portability and Accessibility Act (HIPAA), Federal Information Security Management Act (FISMA), Sarbanes Experiencing developing security programs and strategies managing compliance with the following security frameworks and reporting/assessment methodologies: Payment Card Industry Data Security Standard (PCI DSS), ISO 27002, and Service Organization Control Experience developing and delivering security programs and strategies incorporating Strong Authentication, Access control, Network Security and firewall/IDS/IPS, Cryptography, Security policy and control development, forensics & investigations, informatio Experience developing and delivering security programs and strategies for securing the following Operating systems and utilities: UNIX, Linux, Windows, Active Directory, and Group Policies General Job Level Knowledge, Skills, Abilities & Other Characteristics: Excellent written, verbal and interpersonal communication skills. Ability to multi-task and adapt to change. Proven track record of meeting or exceeding customer experience and financial objectives Ability to maintain the highest level of confidentiality. Strong analytical and presentation skills. Proven track record in a metric focused environment. Strong process orientation skills and project management abilities. Excellent leadership and organizational skills.
Monster

Metro Manila
Permanent
Full-time