IT Security Technology Manager

Position Description

• [Company] is recruiting for a Technology Manager, Information Security.  Reporting to the Chief Information Officer (CIO), this position will be the enterprise wide technical resource and thought leader on IT security technologies and practices for implementing Security Solutions.  The position will establish and maintain a global information security strategy and program, with responsibilities including creating strategy, policy, meeting regulatory compliance, risk identification and mitigation, security architecture and standards. The position will require a technology leader with experience in security technology, infrastructure protection and application security.

Duties/Responsibilities:

• Develop, document, implement, and communicate an enterprise-wide information security strategy and policies.
• Develop, implement, and manage security controls,  processes, and policies as a result of analysis, research, recommendations.
• Lead IT security incident response to coordinate and manage resolution to current or potential threats, incidents, or  vulnerabilities.
• Provide expertise and security direction to project teams to eliminate and mitigate security issues.
• Work with Business Relationship Management group to perform requirements gathering and architecture designs as part of projects to ensure the security policies are addressed.
• Identify infrastructure protection goals and objectives consistent with the enterprise IT security strategy.
• Conduct research and 3-5 year planning to ensure the organization is continually aware of industry security trends, and best practices to propose new technology and tools investments.
• On an ongoing basis conduct security assessments and audits of IT’s  application and infrastructure portfolio to identify determine issues, weaknesses and gaps in processes and technology
• Work with internal and external audit to ensure compliance to appropriate regulations and data protection directives. 
• Oversee security training and awareness.
• Direct vendors who provide Covanta infrastructure, software and services with security requirements and ensure needs are properly considered and addressed.

Requirements:

• A minimum of a BA or BS degree is required, concentration in Engineering, Computer Science, Information Systems or other related technical discipline is preferred.
• A minimum of 7 years of experience in information security matters (policy, architecture, technology, etc.) is required. 
• Hands-on information security experience with security architecture, network security and/or computing platform security is required.  
• A full understanding of information security functions (confidentiality, integrity, availability, authentication, and authorization) is required.
• Experience in networking technologies related to security capabilities such as firewalls, network IDS / IPS, and routers are required. 
• Experience with Public Key Infrastructure is preferred.
• An understanding of Cryptographic algorithms and protocols is preferred.
• CISSP, CISM certification is preferred. 
• Experience with secure configuration of Windows and UNIX Operating Systems is preferred.
• Oral and written communication, organization, and interpersonal skills and a demonstrated effectiveness in a customer-facing role