IT Security Manager - Roseville/Granite Bay, CA
Granite Bay, CA, USA
Posted on Friday, May 12, 2023
NOT A REMOTE POSITION MUST BE LOCATED IN OR NEAR ROSEVILLE/GRANITE BAY, CA Reviver is the very first technology company to develop a digital license plate. We use groundbreaking technology to digitize license plates and make them multi-functional. We have introduced our concept on a global scale and are on an exciting trajectory. Reviver offers opportunities to work in a collaborative environment that rewards creative thinking and provides opportunities for advancement. As the first of our kind, we are truly in a class of our own. We offer competitive pay and great benefits for our employees. SummaryUnder minimal supervision of the Chief Operations Officer (COO), the Information Security Manager (ISM) is responsible for the creation and maintenance of the physical and information security programs. This position provides leadership and oversight in the strategic planning, execution, and assessment of Reviver's physical and information security strategies, policies, procedures, and practices implemented by the organization. The ISM ensures that all physical and information assets are adequately protected against current/future internal/external threats through a comprehensive risk management program. The position is responsible for overseeing the company’s Information Technology (IT) infrastructure and operations. Supervises
- Outside Vendors and Contractors
- Systems and Help Desk Support personnel
- Information Security and Compliance personnel
- Development Operations
- Develops an information security and privacy strategic plan and governance program for the organization.
- Develops and oversees the IT infrastructure (datacenter) technology roadmap and its alignment with business goals and objectives. Ensures datacenter technologies standards and information security best practices are met and aligned.
- Reviews and approves client and vendor agreements to ensure compliance with Reviver privacy, security, and IT infrastructure requirements.
- Performs and leads organizational risk assessments to identify risks associated with areas such as Human Capital, Service Delivery, Sales, Customer Success, Technology, Security, and Compliance.
- Oversees a vendor risk management program. Performs vendor risk and clients’ permissible data use assessments.
- Architects' datacenter components for high availability, performance, and network security.
- Oversees and achieves annual Statement on Standards for Attestation Engagements (SSAE) 18, Service and Organization Controls (SOC) 2 attestation compliance reports.
- Oversees the development, maintenance, and annual testing of the information security incident response plan, Disaster Recovery plans, and application/network penetration/vulnerability assessments.
- Develops and maintains IT Operations Service Level Agreements (SLA) and ensures IT Operations staff adheres to these SLAs.
- Minimum bachelor’s degree in computer science, business, finance, information systems, mathematics, or a closely related field; a Master’s degree is highly desired.
- 5+ years of information technology experience, including three years of management experience with solid information security and enterprise-wide administration background.
- Current information security certification such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM).
- In-depth knowledge of information security technologies, markets, and vendors, including firewalls, intrusion detection, assessment tools, encryption, certificate authority, and web and application development.
- Strong knowledge of NIST standards.
- Strong knowledge of information systems industry and best practices in network, application, and hardware platform security and the ability to apply them effectively.
- Strong knowledge of application security, database technologies used to store enterprise information, directory services, and information systems auditing.
- In-depth critical and analytic thinking skills that provide effective assessments and solutions to unique problems and projects.
- Ability to quickly and effectively react to daily threats from external and internal sources.
- Ability to construct and maintain effective relationships with vendors and strategic partners.
- Very strong oral and written communication skills, including the ability to communicate professionally, effectively, and persuasively both orally and in writing to business and technical users; includes the ability to effectively explain complex information and tailor presentations to a specific audience.
- Ability to treat confidential information with appropriate discretion.
- Strong knowledge of computer networks, directory services, virtualization and storage technologies, and hardware and High Availability (HA) systems.
See more open positions at Rplate
Something looks off?