Data Security Manager

Security, Risk Management, Audit, Disaster Recovery, SOX, PCI, SSAE 16,
Full Time, C2H Corp-To-Corp, C2H Independent, C2H W2
Telecommuting not available Travel not required

Job Description

Job Responsibilities:

  • Must possess a good understanding of IT technology with a focus on security and auditing procedures
  • Manages a security program including policies & procedures and security awareness  
  • Ensures compliance with Gramm-Leach-Bliley Act (GLBA), FFIEC, PCI Standards and other regulatory requirements
  • Develops, maintains and enforces a Data Security Review to be used for all new and existing critical vendors

Risk Management:

  • Good understanding of a Risk Management Model (e.g. Threats, vulnerabilities and controls)
    • Oversees annual review and revision of the risk management process
    • Prepares analysis of new technology deployed within the infrastructure including hardware, software and functional processes determines level of risk associated with each technology
  • Provide advice to development teams on how to achieve compliance with regulations and IT Policies & Procedures
  • Knowledge of the global IT Risk Regulatory Landscape
  • Knowledge of project and program management concepts and controls

Regulatory Examinations and Audit Oversight:

  • Stay abreast of new regulatory requirements and communicate to upper management
  • Must have experience working with federal examiners (e.g. FFIEC, OCC, SOX, FDIC, etc.)
  • Good working knowledge of requirements for GLBA, SOX and PCI
  • Ability to drive IT internal and third-party audits and regulatory examinations
    • Develop audit scope
    • Request RFP’s and present to audit committee
    • Prepare request list items for pre-audit
    • Manage audit process
    • Manage and track recommendations and remediation efforts  

Job Requirements:

  • Must have 5 + years of experience in IT management with a focus on physical and logical security oversight
  • Experience with auditing processes, Including network Security, SDLC/Change Management and IT related functions
  • Experience in developing and maintaining a technology  risk assessment process
  • Must have strong communication skills and ability to work individually, within a team and with other business groups
  • Experience or understanding of Disaster Recovery and Business Continuity initiatives
  • Must have ability to develop policies & procedures and communicate effectively
  • Understanding of federal and other regulatory requirements and the ability to keep current
  • Must be well versed in industry accepted IT control frameworks (e.g. SSAE16, SAS70 or ISO17799 audit reports)


  • BS/BA degree in related technical and security disciplines
  • Certifications in data security and/or auditing procedures not required but preferred


Posted By

Michael Beardslee

Position Id : 894020
Have a Job? Post it

Similar Positions

Intrusion Detection Security Engineer
  • General Dynamics Information Technology
  • North Las Vegas, NV
Cybersecurity Analyst
  • Leidos
  • Las Vegas, NV
Supervisor II (IT)
  • Mission Support and Test Services, LLC (MSTS)
  • Las Vegas, NV
Cybersecurity Consultant - Project Manager
  • Irvine Technology Corporation (ITC)
  • Las Vegas, NV
Supervisor I
  • MSTS (Mission Support and Test Services, LLC )
  • Las Vegas, NV
Project Manager
  • Link Technologies
  • Las Vegas, NV
Information Systems Security Risk Analyst
  • Lockheed Martin Corporation
  • Edwards Air Force Base, CA
Senior Manager, Cyber Security
  • Edwards Lifesciences
  • Irvine, CA