Manager of Information Security

  • Latham, NY
  • Posted 11 days ago | Updated 11 days ago

Overview

On Site
$130,000 - $150,000
Full Time
10% Travel

Skills

cybersecurity
data security
desktop security
application security

Job Details

Title: Manager of Information Security

Department: Information Technology - Latham, NY

Category: MC

Salary: $130,000 to $150,000

Date: April 26, 2024

 

Overview:

 

Under general direction of the Chief Information Office/Chief Information Security Officer, the information security manager (ISM) oversees the protection of networks, computers, and data from cyber-attacks, viruses, and other security breaches. Responsibilities include data security, application security, desktop security, vulnerability management, cybersecurity, policy management, security incident response, business continuity and disaster recovery management and oversight. The Information security manager's role is to plan, coordinate, and supervise the activities related to the information security engineers, and to provide standards and monitoring for all technical infrastructure at NYSUT.

 

Primary Responsibilities:

 

  • Assist with acquiring and managing the necessary resources, including leadership support, financial resources, and key security personnel, to support information technology (IT) security goals and objectives and reduce overall organizational risk.
  • Perform risk assessments and advise senior management (e.g., Chief Information Officer [CIO]) on risk levels and security posture
  • Collect and maintain data needed to meet system cybersecurity reporting.
  • Ensure that security improvement actions are evaluated, validated, and implemented as required.
  • Ensure that cybersecurity inspections, tests, and reviews are coordinated for the network environment and that requirements are
  • integrated into the continuity planning for that system and/or organization(s).
  • Ensure that baseline security safeguards are appropriately installed Identify information technology (IT) security program implications of new technologies or technology upgrades.
  • Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program.
  • Oversee the information security training and awareness program.
  • Make recommendations for development, modification, or updates to the computer environment cybersecurity program plans and requirements.
  • Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations.
  • Assist with the development of necessary procurement documents.
  • Recognize a possible security violation and take appropriate action to report the incident, as requested.
  • Supervise or manage protective or corrective measures when a cybersecurity incident or vulnerability is discovered.
  • Track audit findings and recommendations to ensure that appropriate mitigation actions are taken.

 

  • Update and implement all necessary and required policies and strategies for cybersecurity .
  • Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
  • Assure successful implementation and functionality of security requirements and appropriate information technology (IT) policies and procedures that are consistent with the organization's mission and goals.
  • Identify and support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).
  • Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance.
  • Other duties and responsibilities as assigned.

 

Qualifications:

 

  • Bachelor's degree in Computer Science, Information system, or a related field is preferred.
  • 8 to 10 years of Security Engineering including system automation, cybersecurity, and/or operationally focused security practitioner role experience;
  • management experience is required;
  • Program and project management skills;
  • CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CRISC (Certified in Risk and Information System Control), or CISA (Certified Information Systems Auditor) certification required.
  • Strong ability to learn new technology
  • Ability to work independently and as part of a team
  • Excellent collaboration and communication skills
  • Strong attention to detail and accuracy
  • Ability to travel and work nights and weekends as required for urgent responsive needs, special initiatives, and/or rollouts.
  • Experience working in a union environment is preferred.

 

 

NYSUT- Who are we?

 

NYSUT is a statewide labor organization affiliated with more than 1,200 local unions, each representing its own members. NYSUT is affiliated with two national unions, the American Federation of Teachers (AFT) and the National Education Association (NEA). NYSUT represents nearly 700,000 people who work in, or are retired from, New York's schools, colleges, and healthcare facilities, including teachers, teacher aides and assistants, college and university faculty and professional staff, school bus drivers, custodians, secretaries, cafeteria workers, nurses, and other healthcare professionals. At NYSUT, we believe in creating a work environment free of barriers and bias, where individual outlooks and talents are respected and valued. Our organization s policy is to ensure an equal employment opportunity to all persons without regard to race, color, national origin, religion, age, sex, disability, sexual orientation, gender identity or any other characteristic protected by the law.

 

 

 

 

 

 

Why Should You Apply?

 

  • Competitive salary and excellent benefits, including comprehensive medical and dental insurance plans, life and long-term disability plans, and retirement plans
  • Generous PTO plan
  • Work-life balance
  • Collaborative and supportive work environment with a diverse group of experienced professionals
  • Opportunity to work in a highly respected organization, make a meaningful difference in the lives of working people, and be a proud part of the labor movement at the local, state, and national levels.

 

How to Apply:

 

Interested applicants must be authorized to work in the United States and should submit a cover letter