M+E Technology Job Board

IT Security Manager

  • Full Time
  • Denver, CO
  • Applications have closed

Vistex

The IT Security Manager manages all IT-related information security, develops and implements information security standards and policies, leads regular internal audit activities, and monitors Vistex’s security exposure with prompt and appropriate risk mitigation. This Manager will also manage all activities associated with the Information Security Management System (ISMS), reporting to the executive team and providing associated oversight.
Responsibilities

Providing the vision and thought leadership related to cyber security and overall IT Security Strategy in partnership with company leaders
Managing all reporting and organization of the Information Security Management System (ISMS) Committee according to ISO 27001 standards.
Serving as the internal focal point for all internal information security and compliance management activities within the IT environment including:
  • Incident Management
  • Vulnerability Management
  • Penetration Testing
  • Risk Assessment and Treatment
  • IT Security Policy Review
  • Access Management Reporting
  • Disaster Recovery Reporting
Responding to information-security-related issues in questionnaires and RFPs submitted to Vistex.
Developing and maintaining a Vistex Information Security Profile to be used in marketing and in communications with current and potential customers.
Leading efforts in implementing and managing GDPR and Privacy Shield compliance
Assessing security exposures internally and at our business partners
Educating associates about security risks and opportunities
Assessing security technologies and solutions and developing appropriate security solutions
Serving as the strategic partner with Audit and our compliance business partners to implement and monitor security

Develop and maintain information security policies, standards, guidelines and oversee the dissemination of security policies and practices; identify knowledge gaps to increase awareness of relevant information security practices.
Provide leadership and guidance on information security topics, advising and collaborating on security processes, business continuity, and disaster recovery plans.

Lead investigations of any actual or potential information security violations and manage escalation of security events; assist with related legal matters associated with such events as needed and make recommendations to correct or prevent future incidents.
Work with system administrators and application developers to audit, monitor and validate their environment’s security, including conducting gap analysis and other comprehensive internal assessments of existing systems to improve the security infrastructure and mitigate risks.
Work with Internal Audit and outside consultants as appropriate on required security assessments and audits.
Develop a strategy for dealing with the increasing number of audits, compliance checks and external assessment processes for internal/external auditors.

Qualifications

8+ years of experience in a combination of risk management, information security and IT jobs.
Proven track record and experience in developing information security programs, policies and procedures, including successful implementations in large enterprise environments.
High degree of initiative and dependability; experience managing multiple, simultaneous, and high-profile information security initiatives and responses.
High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgement and maturity.
Strong knowledge of common information security management frameworks, such as ISO/IEC 27001, SOC2, COBIT, NIST, GDPR, CSA, and deep knowledge and understanding of relevant legal and regulatory requirements/standards. Experience in designing and managing new and existing security systems. Ability to advise infrastructure and applications staff in securing their respective environments.