---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Manager, Information Security
Location: Chicago, Illinois, United States
Type: Permanent F/T
Closing Date: 2008-03-16
POSITION ANNOUNCEMENT
TITLE: Manager, Information Protection
LOCATION: Metro Chicago
RELOCATION: Yes
REPORTING TO: Director of Corporate Security
SMR Group an international executive search firm whose global practice is
focused exclusively on professional and executive level corporate security
positions. It’s US based company, Security Management Resources, Inc. is
seeking candidates in behalf of their client for the following opportunity:
SUMMARY
In cooperation with senior management at the client's organization, will be
responsible for the information asset protection program. Responsible for
designing and implementing programs for mitigating identified risks and
protecting the confidentiality, integrity, and availability of the
company’s information assets. Serves as the champion of information
protection by working to ensure business information owners are held
accountable for each of their respective areas as it relates to business
continuity, compliance and securing proprietary information assets. Leads the
company’s efforts in pursuing best practices such as adopting or modeling
the ISO17799/BS 7799 framework.
ACCOUNTABILITIES
• Responsible for overall coordination with all functional areas,
affiliates and parent corporation in order to gain support for information
protection programs that will comply with information security best practices
such as ISO 17799/BS 7799.
• Develops and implements best in class information protection strategies
and methods.
• Prepare, develop and recommend global information protection strategies
to senior management and Parent Corporation in order to protect the
organization's information assets.
• Leads the overall development and implementation of information
protection policies in concert with other functional areas such as Legal, HR
and IT.
• Periodic reports including key performance indicator metrics will be
prepared and presented to various parties including internal groups such as an
“Information Protection Steering Committee.”
• Identifies information protection risks and vulnerabilities and makes
cost- effective, reasonable recommendations.
• In consultation with each business unit, assists in the design and
implementation of an information classification program classified by
information owners, and provides self-assessments designed to uncover areas
needing improvement. Each business unit retains ultimate responsibility for
protecting information.
• Collaborates with each function, in order to ensure that appropriate
internal controls over information security and protection are in place and
routinely tested.
• Will address all aspects of information protection programs across the
company, including those related to statutory requirements such as California
Senate Bill No. 1386 that protects the confidentiality of personally
identifiable customer information, as well as other local, state, federal or
international regulatory bodies.
• Provides subject matter expert guidance to a number of areas including
Legal, HR, Office of Ethics and Compliance.
• Reviews and implements security administration that adequately
accommodates separation of duties where needed.
• Builds and maintains networks with people across organization and gains
support of stakeholders within the Company as needed to achieve plan goals.
• Oversight and responsibility for performing forensic reviews as
necessary.
• Develops and implements information protection awareness programs.
JOB REQUIREMENTS
---------------------------------------------------
EDUCATIONAL REQUIREMENTS
• Bachelors Degree required, Masters Degree or law degree preferred
• Preferred Degrees
• Information systems, Business Administration, Accounting, Criminal
Justice, Management
• Preferred: CISM, CISA, CISSP, CFE, CPA
EXPERIENCE
• 7 or more years related experience
• Demonstrated success in developing and implementing information
protection strategies and programs.
• Worked in a Corporate Security, IT Information Security, Internal
Audit or related field for a minimum of 7 years. Preferably in a leadership
role.
• Understanding and working knowledge of current information security
and protection trends and best practices (GASSP/ISO17799/BS7799).
• Knowledge of U.S. privacy regulations and European privacy standards.
• Working knowledge of applicable concepts and methodologies such as
continuous quality improvement and auditing experience.
• Wide range of technical skills (MS, Unix, SAP, and Oracle would be a
plus).
• This position requires the individual to have excellent organizational
and technical skills.
• Must have exceptional written and oral communication skills.
Experience and ability to communicate with executive team members.
• The individual will need to be able to lead and champion the
initiative with all levels of employees.
• Must have excellent analytical skills, problem solving ability and the
ability to plan for the future needs of our growing company.
CONTACT
---------------------------------------------------
RESUME SUBMITTAL
Interested candidates should submit their resumes via the position posting on
the SMR website at: http://www.smrgroup.org/SMR-Jobs.htm
Global Pharmaceutical Organization
Jay Crawford
jay.crawford@smrgroup.org
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
