Bernhard - Metairie, LA

posted 2 months ago

Full-time - Senior
Metairie, LA
Specialty Trade Contractors

About the position

The Information Security Manager at Bernhard LLC is responsible for overseeing the organization's information security management program, ensuring the protection of customer, business partner, employee, and business information. This role involves collaborating with executive management to assess acceptable risk levels and executing a comprehensive IT risk management program focused on information security and privacy. The position requires maintaining compliance with relevant laws and regulations while fostering a cyber security culture throughout the organization.

Responsibilities

  • Execute a strategic, comprehensive IT risk management program targeting information security and privacy matters.
  • Ensure the integrity, confidentiality, and availability of information owned, controlled, or processed by the organization.
  • Maintain the Bernhard customized information security management framework.
  • Provide regular reporting on the current status of the information security program to organization leaders as part of a strategic enterprise risk management program.
  • Ensure that security programs are in compliance with relevant laws, regulations, and policies to minimize or eliminate risk and audit findings.
  • Assist executive leadership in establishing a cyber security culture throughout the enterprise.
  • Oversee the approval, training, and dissemination of security policies and practices, as well as compliance from all employees, contractors, and approved system users.
  • Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls.
  • Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the security throughout the organization.
  • Engage with external communities and activities to maintain good perspective on information security practices at peer organizations and the threat environment; promote and increase organizational ability to address common problems.
  • Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.
  • Identify, report, and control cyber incidents and minimize any disruption to the Bernhard network and protect the organization's data assets.
  • Work directly with the business units to facilitate risk assessment and risk management processes.
  • Work directly with business lines to develop, maintain, and test disaster recovery and business continuity plans and procedures.
  • Maintain strong working relationships with organization leadership and teams to align information security practices across the organization.
  • Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems, and services.
  • Design and work with other team members to architect new information security infrastructure solutions.
  • Complete customer and vendor assurance risk assessments.
  • Oversee planning and execution of necessary vulnerability audits, penetration testing, or forensic IT audits and investigations.
  • Program manage initiatives to improve company security posture, protecting company assets, reducing security risks, and meeting customer security requirements while balancing expenses and worker productivity.
  • Manage the Bernhard Cyber Hygiene Program and oversee employee training in all the latest security awareness skills.

Requirements

  • Degree in computer science, information systems, business administration, or a technology-related field, or equivalent work experience.
  • Minimum of seven years of experience in a combination of risk management, information security, and other IT jobs.
  • Applicable information security certifications (CISSP, CISM, CISA, CRISC, GSEC, or similar).
  • Extensive applied expertise in multiple disciplines, including risk assessment and auditing; security monitoring practices; the system development and engineering lifecycle; network security principles; endpoint and application security principles; and cloud and vendor security management principles.
  • Policy development and administration skills.
  • Strong analytical thinking and innovation skills.
  • Effective verbal and written communication skills.

Benefits

  • Opportunities for advancement
Job Description Matching

Match and compare your resume to any job description

Start Matching
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service