Job Description
Job#: 1315717
Job Description:
Acts as a key participant in the development, implementation, and monitoring of the enterprise information security program. Provides security consultation to IT management and IT staff at the highest technical level on all phases of the system development lifecycle. Consults with IT and security staff to ensure that security is factored into the evaluation, selection, installation, and configuration of hardware, applications, and software. Recommends and coordinates the implementation of technical controls to support and enforce defined security policies. Oversees the development of and/or alignment to technology hardening standards. Develops and communicates multi-year information security strategy. Works with the Manager of Information Security to develop budget projections. Researches, evaluates, and recommends the implementation of new or updated information security hardware or software. Performs security reviews of onsite, third party technologies and sets security standards for implementation. Partners with Enterprise Architecture to understand potential threats that must be mitigated in defined solution approaches. Perform the architect role for IT security initiatives. Reviews mitigations and remediation of security incidents/vulnerabilities to ensure they are appropriate. Maintains awareness of Enterprise risk categories and mitigation strategies that require security solutions. Monitors the external environment for emerging threats, and reviews these threats within the Information Security Program. Working with the engineering and development teams, develops and implements controls and configurations aligned with security policies and legal, regulatory, and audit requirements.
Assists IT Service Owners in understanding and responding to security audit failures/risk assessment findings reported by Information Security and auditors. As a member of the Architecture Review Board, ensures technology solutions conform to corporate security architecture. Participates in the information-security governance process. As a member of the Change Advisory Board, assesses the impact of changes on our security. Is an escalation resource for security analysts. Performs other Information Security assignments and duties, as assigned.
**This position will require working fully on-site at West Bend corporate office or a hybrid schedule(3 days in the office/2 days at home and we are currently considering only Wisconsin residents at this time
Preferred Experience and Skills
Preferred Education and Training
Bachelor's degree in Computer Science or closely related field
Certifications in CISSP, CRISC, CISM, GIAC or other security industry certifications
EEO Employer
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or .
Job Description:
Acts as a key participant in the development, implementation, and monitoring of the enterprise information security program. Provides security consultation to IT management and IT staff at the highest technical level on all phases of the system development lifecycle. Consults with IT and security staff to ensure that security is factored into the evaluation, selection, installation, and configuration of hardware, applications, and software. Recommends and coordinates the implementation of technical controls to support and enforce defined security policies. Oversees the development of and/or alignment to technology hardening standards. Develops and communicates multi-year information security strategy. Works with the Manager of Information Security to develop budget projections. Researches, evaluates, and recommends the implementation of new or updated information security hardware or software. Performs security reviews of onsite, third party technologies and sets security standards for implementation. Partners with Enterprise Architecture to understand potential threats that must be mitigated in defined solution approaches. Perform the architect role for IT security initiatives. Reviews mitigations and remediation of security incidents/vulnerabilities to ensure they are appropriate. Maintains awareness of Enterprise risk categories and mitigation strategies that require security solutions. Monitors the external environment for emerging threats, and reviews these threats within the Information Security Program. Working with the engineering and development teams, develops and implements controls and configurations aligned with security policies and legal, regulatory, and audit requirements.
Assists IT Service Owners in understanding and responding to security audit failures/risk assessment findings reported by Information Security and auditors. As a member of the Architecture Review Board, ensures technology solutions conform to corporate security architecture. Participates in the information-security governance process. As a member of the Change Advisory Board, assesses the impact of changes on our security. Is an escalation resource for security analysts. Performs other Information Security assignments and duties, as assigned.
**This position will require working fully on-site at West Bend corporate office or a hybrid schedule(3 days in the office/2 days at home and we are currently considering only Wisconsin residents at this time
Preferred Experience and Skills
- Minimum ten years of combined Information Security/IT experience, with at least seven of those years being directly related to the security field
- Experience working with SaaS vendors/products from a security assessment, risk and compliance perspective
- Experience working with legal, audit, and compliance staff
- Strong leadership skills
- Excellent written and verbal communication skills
- Strong analytical skills
- Experience with common information security management frameworks, such as NIST, ISO 2700X, ITIL, and COBIT
Preferred Education and Training
Bachelor's degree in Computer Science or closely related field
Certifications in CISSP, CRISC, CISM, GIAC or other security industry certifications
EEO Employer
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or .
