Information Security and IT Risk Manager - VP
Chicago, IL, USA | SMBC Group
Functions:IT / Information Technology
Job Description:123 people have viewed this job
This role is responsible for managing all aspects of Information Security and IT Risk Management at SMBC Rail Services in Chicago, reporting to the regional CISO in New York as well as local management.
Primary Responsibilities include implementing and managing a full range of cyber security technology controls and processes in order to ensure compliance with required Information and Cyber Security polices and procedures.
Additional responsibilities include:
- Definition, creation and management of control procedures including documentation, testing and validation and reporting
- Working with other Internal IT Staff to implement/upgrade/maintain security solutions
- Project management activities for the SMBC RS Information Security Team including project definition, documentation, creating and execution of project plans and coordination with other teams
- Cyber security project cost management, resource management and reporting
- Develop and maintain KPI's and KRI's to report to management and the regional CISO
- Participate in and report to relevant technology and Cyber risk committees
- Train user groups and provide support for new software implementations
- Manage vendor relationships and outsourcing contracts for security services
Security Solution Implementation
- Analyse, document, and communicate requirements and work with technical leads to develop an appropriate solution. Create clear and concise functional requirements documentation and operational procedures documents
- Map processes including control points, key data and reporting elements, process training documentation and system interfaces
- Participate in technical reviews to ensure project goal(s) are maintained throughout the project.
- Create, maintain and execute required test case scenarios and use cases to verify requirements
Project and Process Management
- Develop, maintain, and generate reports for projects, process support, application support, internal training, project expenses, and department initiatives
- Develop project presentations for status reporting, negotiations, and decision making appropriate for a range of audiences.
Training & Support
- Train user groups. Develop training materials, quick guides, and project presentations in support of projects and department initiatives
- Troubleshoot, support and maintain multiple Security Application Operating Systems and Application issues which affect Security Processes
Bachelor’s Degree in Computer Science or related field or equivalent work experience.
- Minimum 5 years experience supporting IT Security tools and applications including:
o Identity and Access Management
o Endpoint Security
o Privileged Access Management
o IT Risk Assessments
o IT Risk and Security Training
o Next Generation Firewalls
o Next Generation End Point Detection
o Vulnerability Scanning
o Web and Email Security
- Process documentation, flow charting and re-engineering experience
- Some Project Management Experience a plus
· Strong work ethic with focus on meeting deadlines and objectives
· Strong verbal and written communication skills.
· Ability to communicate effectively to all levels in the organization and adapt information delivery based on audience.
· Ability to communicate information security concepts across a broad range of technical and non-technical staff.
· Ability to multitask and work under tight deadlines.
· Ability to raise awareness and issues to executive leadership, engage leaders and stakeholders in understanding
their roles in delivering enterprise Change, Configuration and Release Management process.
· Self motivated and ability to work within stringent time frames.
· Strong analytical and investigation skills.
· Strong team player.
Already a member? Sign In