Manager, Information Security (InfoSec)
The InfoSec Manager, reporting to the CSO, is responsible for overseeing the operations of the enterprise’s security solutions through management of the organization’s security analysts. Secondary tasks will include the selection of appropriate security solutions, and oversight of any vulnerability audits and assessments. The InfoSec Manager is expected to interface with peers in the Infrastructure, Engineering and CorpIT departments as well as with the leaders of the business units to both share the corporate security vision with those individuals and to solicit their involvement in achieving higher levels of enterprise security through information sharing and co-operation.
Strategy & Planning
- Working with the Security Architect to create and maintain the enterprise’s security architecture design.
- Create, and maintain the enterprise’s security operations, application security, information security programs.
- Create and maintain the enterprise’s security documents (standards, baselines, guidelines and procedures).
- Create and maintain the enterprise’s Business Continuity Plan and Disaster Recovery Plan, where appropriate.
Acquisition & Deployment
- Maintain up-to-date knowledge of the security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
- Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security as per the enterprise’s existing procurement processes.
- Oversee the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.
- Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers and other systems and in databases and other data repositories.
- Ensure the enforcement of enterprise security documents.
- Supervise all investigations into problematic activity and provide on-going communication with senior management.
- Supervise the design and execution of vulnerability assessments, penetration tests and provide evidence for security audits.
- Perform regular assessments with recommendations for improvement of Workfront’s security capabilities; PAM, Logging & Monitoring (SIEM), Vulnerability Management, Endpoint Security, Network Security, etc.
- Engage in ongoing communications with peers in the Infrastructure, Engineering and CorpIT departments as well as the various business groups to ensure enterprise wide understanding of security goals, to solicit feedback and to foster co-operation.
Formal Education & Certification
- College diploma or university degree in the field of computer science or 10 years equivalent work experience, 3+ years of which are in a security management role.
- One or more of the following certifications:
- GIAC Security Essentials Certification
- GIAC Security Leadership Certification
- (ISC)2 CISSP
- (ISC)2 CCSP
Knowledge & Experience
- Experience in enterprise endpoint security, PAM, SSO/MFA, network security, SIEM and vulnerability management.
- Extensive experience in enterprise security document creation.
- Experience in developing Business Continuity Plans and Disaster Recovery Plans.
- Experience in managing a team
- Working technical knowledge of Okta, Teneable, Splunk, SentinelOne, and Palo Alto.
- Working technical knowledge of Thycotic, Cyberark, NetScope and Airwatch
- Strong understanding of IP, TCP/IP, and other network administration protocols.
- Proven analytical and problem-solving abilities.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Ability to provide clarity through effective communication skills.
- Ability to conduct research into security issues and products as required.
- Ability to present ideas in business-friendly and user-friendly language.
- Highly self motivated and directed.
- Team-oriented and skilled in working within a collaborative environment.
Individuals seeking employment at Workfront are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. You are being given the opportunity to provide the following information in order to help us comply with federal and state Equal Employment Opportunity/Affirmative Action record keeping, reporting, and other legal requirements.
Workfront is not accepting unsolicited assistance from recruitment agencies for this employment opportunity. All resumes submitted by recruitment agencies to any employee at Workfront via-email, the Internet or in any form and/or method without a valid written search agreement in place for this position will be deemed the sole property of Workfront. No fee will be paid in the event the candidate is hired by Workfront as a result of the referral or through other means.
About us Workfront is the cloud-based project management software that helps marketing, IT, and other enterprise teams conquer the chaos of the noisy inbox, never-ending status meetings, and disjointed tools. Unlike other platforms, Workfront Enterprise Work Management is a centralized, easy-to-adopt solution for managing and collaborating on all types of projects through the entire work lifecycle. This vastly improves team productivity and executive visibility. Workfront is trusted by thousands of global enterprises, like Cars.com, Cisco Systems, Disney, Tommy Hilfiger, National Geographic, and Trek. Discover how your business can join the future of project management by visiting www.Workfront.com