Senior Manager, Information Security

HD Supply•Atlanta, GA

22h•Onsite

About The Position

Manage and coordinate a team of Security Managers and Engineers. Ensure tight rigor and control over Security Operations and Audit processes. Serves as an internal information security consultant to the organization. Effectively leads and or coordinates all internal dedicated security functions including but not limited to - patching, anti-virus, intrusion prevention, CERT response, log file monitoring, cross division security coordination, systems operational security testing, rule set analysis, threat detection and adaptation, as well as advent security related functions. Initiates activities to create information security awareness within the organization. Performs information security risk assessments, and acts as an internal auditor. Evaluates audit findings and drives remediation of identified control deficiencies. Reviews all system-related security planning throughout the network and acts as a liaison to information systems. Monitors compliance with information security policies and procedures, addressing problems with the appropriate department manager or data owner. Oversees the security policy to ensure appropriateness. Provides training and consultation to ensure understanding of and compliance with established security standards and controls. Manages the Computer Security Incident Response Plan. Manages the Risk Program including coordination and follow-up of the semi-annual risk assessment and development and implementation of business unit policies and standards. Manages the business unit's audits and examinations. Works with management to put controls in place needed to comply with SOX and PCI regulatory requirements. Solutions require analysis and investigation. Achieves planned results by decisions and actions based on professional methods, business principles, and practical experience. May recommend/make decisions regarding new programs/initiatives that have significant impact to the business and carry consequences in unsuccessful endeavors. Manages a larger team or multiple small teams through direction of subordinate management and/or supervisory staff.

Requirements

BS/BA in a related discipline.
Generally 7+ years of experience in a related field.
May require certification.
Advanced degree may offset less experience in some disciplines.

Responsibilities

Manage and coordinate a team of Security Managers and Engineers.
Ensure tight rigor and control over Security Operations and Audit processes.
Serve as an internal information security consultant to the organization.
Lead and/or coordinate all internal dedicated security functions including patching, anti-virus, intrusion prevention, CERT response, log file monitoring, cross division security coordination, systems operational security testing, rule set analysis, threat detection and adaptation, and advent security related functions.
Initiate activities to create information security awareness within the organization.
Perform information security risk assessments and act as an internal auditor.
Evaluate audit findings and drive remediation of identified control deficiencies.
Review all system-related security planning throughout the network and act as a liaison to information systems.
Monitor compliance with information security policies and procedures, addressing problems with the appropriate department manager or data owner.
Oversee the security policy to ensure appropriateness.
Provide training and consultation to ensure understanding of and compliance with established security standards and controls.
Manage the Computer Security Incident Response Plan.
Manage the Risk Program including coordination and follow-up of the semi-annual risk assessment and development and implementation of business unit policies and standards.
Manage the business unit's audits and examinations.
Work with management to put controls in place needed to comply with SOX and PCI regulatory requirements.