IT Security Manager

Title: IT Security Manager

Location: Atlanta, GA 30345 (Hybrid)

Duration: 8 Months Contract (With a possible extension)

Job Description

• As the Information Technology Security Manager, reporting to the CISO, the selected candidate will perform technically and lead the hands-on technical team in managing IT security tools, automation, compliance standards, development, and delivery of best practices for security architecture and system design to ensure information and cybersecurity of all systems across the enterprise.
• Implement processes and methods for auditing and addressing non-compliance to information security standards, facilitates migration of non-compliant environments to compliant environments.
• Conduct studies within and outside the organization to ensure compliance with standards and currency with industry standards norm.
• Manages and participates in the planning and implementation of security administration for all IT projects.
  

Primary Duties & Job Responsibilities

• Complete task designed to ensure security of the Agency’s systems and information assets through confidentiality, integrity & availability.
• Implement confidentiality measures that protects against unauthorized access, modification, or destruction and helps to develop IT security policies and standards to support the security
  

objectives.

• Develop and enforce the organization's security policies and procedures, security awareness
  

program, the information security portion of the business continuity and disaster recovery

plans, and all industry and government compliance issues.

• Work with end users to determine needs of individual divisions and offices within the
  

department.

• Conduct Risk Management analysis to identify areas of risk and develop security measures
  

to prevent loss and assist in the Mitigations of those risks.

• Participate in training, self-study, and statewide initiatives on security standards and best
  

practices to serve as a valuable go-to security subject matter expert for the Agency Actively monitor the Agency’s infrastructure and systems for security threats.

• Actively manage various security programs/platforms, monitors the use of data files, and regulates access to safeguard agency information in those computer files.
• Work with business owners, IT managers, Agency Staff, and vendors to provide timely and
  

efficient IT coordination of security services to meet Agency business needs.

• Create reports on status of Agency information security programs and projects and communicate reports to the CISO, senior management and the leadership teams.
• Develop, deliver, and maintain security standards, system security plans, best security and operations practices, architecture, and systems. Implement IT system security plans, projects,
  

and other initiatives.

• Share directly with the InfoSec Team on matters concerning the Agency’s security status &
  

posture.

• Assists in Information Security Investigations, Threat Assessments and Mitigations
  

Assists with numerous Information Security tools and programs.

Required Qualifications

• Bachelor’s degree in computer science or information technology
• 5 years or more of relevant professional experience in Information and Cybersecurity
• 3 years in a specific field of IT Security,
• 1 year of which must include management experience.
• Hands on working experience with at least two or more of these security technologies (e.g., Vulnerability Management, Penetration Testing, Email Security, EDR, MFA, SIEM, IPS, Firewalls)
• Possess one or more current industry certifications relevant to the job e.g., Security+, CASP, CISSP, CISM, C-RISC, CISA, SANS certifications, or equivalent experience.
• Experience with security tools and technology such as, i.e., FireEye (Trellix), Tenable.io, Nessus, Splunk, SolarWinds, Varonis, GRC tools, CrowdStrike Falcon, and LogRhythm.
• Knowledge & experience with cloud technologies: Amazon Web Services (AWS), to include WatchGuard, Guard Duty, Identity & Access Management (IAM), Microsoft Azure.
• CloudTrail, CloudWatch, Audit Manager.
• Technical knowledge in endpoint security, VPC, VPN, Firewall, network monitoring, intrusion detection, web server security, and wireless security.
• Practical experience in systems administration, vulnerability management, endpoint management, and email security operations and management
  

Excellent analytical and critical thinking skills to identify possible threats.