Manager, IT Security & Risk

About The Position

Requirements

• Bachelor's Degree in a technology field and 8+ years' experience working in cybersecurity, an Associate's Degree with 10+ years' experience in cybersecurity or 12+ years' experience in cybersecurity Required
• Broad and deep knowledge of Information Security concepts and how these concepts apply to the business.
• Has technical expertise in two or more areas of information security (incident response, security operations, vulnerability management, application security, systems security, network security, identity management, access control, risk management, etc.).
• Experience applying cybersecurity and risk management methodologies in a complex and dynamic environment.
• Experience identifying requirements, selecting vendors, and implementing and managing endpoint protection, vulnerability management, security and event monitoring (SIEM), IAM, and other cybersecurity tools.
• Must demonstrate the ability to act independently within the context of corporate and divisional goals, using tact and good judgment.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Excellent written, oral, and interpersonal communication skills.

Nice To Haves

• CASP, CISSP, CISM Preferred

Responsibilities

• Exercise leadership influence and direction for IT Security and Risk Management team. Effectively coach and lead to ensure a competent, technically proficient staff that grows their depth and breadth of skills. Invest time and expertise in providing team with examples for learning. Identify team and individual deficiencies, recommend and implement solutions. Complete annual performance reviews for all staff members in a timely manner. Responsible for training and developing individual team members. Responsible for Corrective Action, as appropriate.
• Leverage information security and/or information risk management expertise to drive decrease in information security risk to acceptable levels and the increase the maturity level of the information security program to defined level of maturity. Mentor and develop individual team members to grow their technical skills.
• Align team strategy and goals with departmental and organizational goals. Effectively plan work efforts, leverage staff time and expertise to meet departmental and organizational goals. Exemplify company values and mission in daily activities. Effectively communicate and collaborate with all levels of management across the department and organization.
• Identify needs, develop requirements, implement and manage cybersecurity technologies, processes and procedures. Acts as a Subject Matter Expert and/or Business Sponsor for cybersecurity projects and initiatives.
• Develop, implement and maintain appropriate security and risk controls to comply with internal policies and requirements, comply with legal and regulatory requirements, and demonstrate appropriate risk management.
• Develop, maintain and report on departmental metrics.
• Contribute to success of the overall technology transformation through committed quality delivery and continuous improvement.
• Develop and maintain Model Audit Rule compliant procedures for all departmental processing; establish, maintain and ensure departmental compliance with Record Information Management (RIM) requirements.
• Commitment to embrace Sammons Financial Group Companies shared values (Accountability, Connection, Openness, Respect and Integrity).
• As stated within the Company Attendance and Punctuality policy, regular attendance is required and expected in order to meet the business service levels and workflow demands.
• Participate in other initiatives and/or projects as necessary.

Benefits

• Comprehensive health coverage for you and your family, including Medical, Dental, Vision, HSA & FSA options, and term life insurance.
• Competitive compensation with a performance-based incentive program tied to clear goals and individual and/or company success.
• 100% company-funded Employee Stock Ownership Plan (ESOP), plus automatic enrollment in our 401(k).
• Friday afternoons off year-round, generous paid time off, and paid holidays.
• Paid development time, tuition reimbursement, and professional development opportunities across industry, individual, and leadership programs.
• Volunteer time off, and our company nonprofit matching gift program.
• An ownership culture that inspires; join a connected, values-driven workplace where employees take accountability, support one another, and are empowered to do their best work—together shaping our future shared success.