Skip to main content

This job has expired

Manager Information Security

Employer
IDEMIA North America
Location
Sterling, VA
Closing date
Sep 27, 2022
A$ A' "A' ?IDEMIA is the global leader in identity and security. Our mission is to create a safe and simple future where identity verification is indisputable, and only you can assert your identity. We are a distributed company leveraging the latest technologies to deliver world-class products in the private and public sectors of finance, telecom, identity, security, retail, sports entertainment, commercial, government, and IoT. We use a variety of technologies and approaches to deliver quality product and services to government agencies and technology companies. IDEMIA is a made up of a group of 14,000 diverse people from different nationalities, speaking over 20 different languages. Together, our solutions impact the everyday lives of citizens and nations. In this ever-changing world, protecting your identity is paramount. Join the team that is ensuring one person- one identity.Job descriptionManages the IT security activities of an organization. Job Duties: Assists with overseeing tasks associated with the protection of systems and databases from unwanted users, disaster recovery, and off-premise storage. Investigates security issues and implements corrective actions. Experience and Education: Comprehensive knowledge of the field's concepts and principles. Performs complex tasks typically following established processes. Leads and directs the work of other employees and has full authority for personnel decisions. Primarily focused on administering established policies and procedures but may have some impact on departmental budgeting, strategic planning, and procedural change. Typically requires BA and 5-7 years.ResponsibilitiesImplement the physical and logical security policies and procedures at local Data Center levels. Primary for Data center, audits Main point of contact for Customers (Data center site certifications) on a monthly basis (must), report to executive management, the current status of security compliance and issues that pose potential security risk to the organization.Be the primary contact for applying and managing scheme and customer audits locally.Be fully responsible for compliance to all customer and scheme security requirements for site certifications Control the requirements and application of the following roles: Key management, Physical security officer, IT Security officer.Lead the site SMG (Security Management Group); Control the implementation of corrective actions and improvements to remediation internal or certification audits findings.Train local staff Review at minimum annually the performance and suitability of the Key Administrator (as part of the PMD) and can recommend a change Check regularly that duties and missions of other personnel involved in Key Management are known and understood.Check regularly that the cryptographic systems and keys are managed properly as per the defined key management processes (eg: investigates all audit log validation failures);Be informed of any change of the network topology and co-signs accordingly the network diagram Review and approve daily, weekly, monthly, semi-annual, and annual task.Approve any change affecting the systems processing sensitive data prior to deployment (configuration changes, new release installation inside HSA )Ensure employees have correct understanding of Company Information Classification System and enforce.Ensure testing systems are not mixed with live production systems Support the organization / interface the customer on sensitive data exchange processes (key and files)Ensure the site compliance with the local data privacy regulations Respond to security alerts Review quarterly if BAU (Business As Usual) activities are being followed according to internal policies and procedures. Reports will be analyzed in regular SMG meetings.Change Management (CAB) Review / approve standard change requests in JIRA Emergency CAB when required VA scanning (DFS).Supervise local IDEMIA / Third Party staff in Data center Contract management with local ISP's Management of issues with On-call during critical system issues in Data center Review security reports on daily basis Annual review of Data Center policies Quarterly review of key admin safe logs. Critical SkillsExperience in Operations and Management of business and non-business,Operational Reviews & Audits,Experience in Datacenter Infrastructure management, Datacenter full lifecycle from commissioning to decommissioning, maintenance, monitoring,Data Center on premise experience (potentially some cloud experience would be a plus),PCI and GSMA exposure in terms of being audited against these schemesThird party, Vendor Management,Change Control Attendance and Approval (where needed) CABSecurity Member Group (Meetings)Datacenter ManagementDatacenter Site MonitoringPlanned & Predictive MaintenanceDatacenter Emergency ResponseAudit experience (clients, third parties), information security attestations would be a plus such (Comptia, CCNA, Infosec certifications)

Get job alerts

Create a job alert and receive personalized job recommendations straight to your inbox.

Create alert