Security Manager - (St. Louis, MO / Hybrid)

Oakwood Systems Group Inc.•St. Louis, MO

2d•Hybrid

About The Position

Responsibilities: Manage and deploy patches for servers and user devices. Provide guidance and training to staff on security best practices and emerging threats and manage simulated phishing campaigns. Monitor and report on the effectiveness of security operations and initiatives to senior management. Conduct regular risk assessments and vulnerability analyses to identify and mitigate potential security threats. (including coordination of Penetration Testing) Develop, implement, and maintain the overall information security strategy and framework. Assist in the development and implementation of security policies, standards, and procedures. Manage and respond to security incidents and breaches; assist in conducting root cause analyses and implementing corrective actions. Ensure compliance with relevant legal and regulatory requirements, including GDPR, HIPAA, and other data protection laws. Collaborate with IT, compliance, and business units to integrate security into all aspects of the organization’s operations. Monitor security alerts and incident reports, conducting initial investigations and escalating as necessary. Provide IT security support and guidance to employees, addressing security-related queries and incidents. Perform regular audits of servers to ensure patch compliance.

Requirements

Bachelor’s degree in computer science, Information Security, or a related field.
Minimum of 5 years of experience in IT security management.
Relevant industry certifications (e.g., CISSP, CISM, CEH).
Proven experience in managing security operations, including patch management, phishing training, penetration testing, and incident response within a regional scope.
In-depth knowledge of security frameworks, standards, and best practices (e.g., ISO 27001, NIST, COBIT).
Strong understanding of network security, encryption, threat modelling, and security incident management.
Experience with security tools and technologies, including SIEM, IDS/IPS, DLP, and endpoint protection.
Excellent problem-solving and analytical skills.
Strong project management and team leadership capabilities.
Ability to work effectively in a fast-paced, global environment.
Strong communication and interpersonal skills, with the ability to convey complex security concepts to non-technical stakeholders.

Nice To Haves

Master’s degree is a plus.

Responsibilities

Manage and deploy patches for servers and user devices.
Provide guidance and training to staff on security best practices and emerging threats and manage simulated phishing campaigns.
Monitor and report on the effectiveness of security operations and initiatives to senior management.
Conduct regular risk assessments and vulnerability analyses to identify and mitigate potential security threats. (including coordination of Penetration Testing)
Develop, implement, and maintain the overall information security strategy and framework.
Assist in the development and implementation of security policies, standards, and procedures.
Manage and respond to security incidents and breaches; assist in conducting root cause analyses and implementing corrective actions.
Ensure compliance with relevant legal and regulatory requirements, including GDPR, HIPAA, and other data protection laws.
Collaborate with IT, compliance, and business units to integrate security into all aspects of the organization’s operations.
Monitor security alerts and incident reports, conducting initial investigations and escalating as necessary.
Provide IT security support and guidance to employees, addressing security-related queries and incidents.
Perform regular audits of servers to ensure patch compliance.