Manager of Information Security Monitoring

Monitoring, Security, Security Awareness, GRC, SIEM, SOC, NOC, Automation, Audit, CISM, CISA, CISSP, Cloud, ISACA, HIPAA, Governance, GSEC, LogRhythm, Internal auditing, SSCP, Windows PowerShell, Security management, Security monitoring
Full Time
Depends on Experience
Work from home available Travel not required

Job Description

Summary:

Rowan University seeks to appoint a manager to lead the Information Security monitoring program for the division of Information Resources & Technology (IRT). IRT is responsible for the University’s information technology and applications, information security, data integrity, systems-related compliance, and reporting. Along with the University, IRT has grown extensively in recent years and we are continuing to mature our Information Security monitoring program for the University across both on-premise and cloud-based services.

This position will serve as the manager responsible for overseeing the university’s information security monitoring program and will report to the Chief Information Security Officer. The manager will lead all aspects of the information security monitoring program, including ensuring that IT activities, processes, and procedures meet defined monitoring requirements, policies and regulations. The manager should have the necessary experience to provide guidance to management and to effectively work with faculty, staff and students for any awareness programs and related processes to improve our overall security posture. The manager will thrive in this position if they have prior expertise implementing and configuring security tools and applications, and the ability to drive the information security monitoring program towards maturity by creating repeatable processes and utilizing metrics for improvement.

Job Duties:

  • Adapt information security monitoring strategy to incorporate and address emerging technologies and risks
  • Propose and implement improvements for the performance, reliability, or security of services in accordance with industry standard methodologies
  • Participate in the design, implementation, troubleshooting, and maintenance of various applications and services utilized for information security monitoring at the University
  • Manage any external Managed Security Services Providers involved with providing security monitoring services
  • Collaborate with the Internal Audit department on required security assessments and audits by coordinating and tracking resolution of all information technology and security related audit findings
  • Develop and maintain security certification policies and standards as needed, including the periodic security certification reviews of systems and technology as well as coordinating the remediation of all security certification and risk finding issues
  • Promote university awareness of information security policies and programs through the creation and maintenance of security awareness programs that are engaging, intuitive to use and mitigate risks to our University
  • Tailor information security training, education, and awareness programs to policy and compliance objectives (e.g., HIPAA, FERPA, PCI)
  • Maintain and improve the effectiveness of existing information security training, education, and awareness programs/activities utilizing appropriate metrics to measure engagement, behaviors, and impact of our security awareness training programs
  • Other information security duties as assigned

Requirements:

  • Bachelor's degree or equivalent years of related professional work experience
  • Certification from ISACA (e.g. CISA, CISM), (ISC)² (e.g. CISSP, SSCP) or SANS (e.g. GSEC, GMON) or equivalent security training required
  • At least 3 years of continuous professional work experience in an information security position supporting or managing an information security monitoring program in an organization
  • Experience with implementing and monitoring controls defined in frameworks such as NIST Cybersecurity Framework (CSF), CIS Controls, NIST 800-53, NIST 800-137
  • Experience with Governance, Risk and Compliance (GRC) programs such as OneTrust, RSA, ServiceNow to apply knowledge of information security and risk mitigation principles, theories, and techniques in daily work
  • Consultative work style that supports successful initiatives with all levels of management and customers across organizational boundaries
  • Experience with presenting to audiences of different skill levels and leadership levels on topics related to Information Security and strong written and oral communication skills with the proven ability to develop senior management briefings
  • Experience or familiarity with integrating platforms using vendor-provided APIs to orchestrate routine tasks
  • Beginner to moderate knowledge of SQL to aid with data aggregation and reporting
  • Beginner to moderate knowledge of programming languages (e.g. Python, PowerShell) to aid with automation of routine tasks and processes

Preferred:

  • Experience working with and using one (or more) of the following platforms:
    • Vulnerability Management: e.g. Tenable, Rapid7, Qualys
    • Monitoring & Logging: e.g. Splunk, LogRhythm, AlienVault
    • Cloud Access Service Broker (CASB) platforms and monitoring of cloud computing environments e.g. McAfee, Microsoft, Netskope
  • Experience working with and responding to security incidents
  • Familiarity with Identity and Access Management technologies including Single Sign-On and Federated Services
  • Familiarity with entry level database management tasks on database servers e.g. MySQL, SQL Server, Oracle
  • Candidates with the following job titles or experience in the following job roles are encouraged to apply:
    • Security Engineer
    • Security Analyst
    • Security Manager
    • Cyber Analyst
Dice Id : RTX169241
Position Id : RU-495228
Originally Posted : 1 month ago
Have a Job? Post it

Similar Positions

ISSO Specialist
  • Solidus Technical Solutions
  • Lexington, MA, USA
ISSO Specialist
  • Solidus Technical Solutions
  • Lexington, MA, USA
Deputy Program Manager - Colorado Springs, CO (Top Secr
  • Deloitte
  • Colorado Springs, CO, USA
Information Security Officer (ISO)
  • University of La Verne
  • La Verne, CA, USA
Senior Cyber Security Consultant
  • Deloitte
  • Arlington, VA, USA
Senior IT Audit and Compliance Specialist
  • Deloitte
  • Arlington, VA, USA
Cyber Supply Chain Risk Manager
  • Deloitte
  • Bethesda, MD, USA
Cyber Risk Manager
  • Deloitte
  • Arlington, VA, USA
SOC/ Threat Intel Specialist
  • Deloitte
  • Gilbert, AZ, USA
Junior DCO Analyst - Colorado Springs, CO (TS/SCI requi
  • Deloitte
  • Colorado Springs, CO, USA