Duties and Responsibilities:
• Manage all security operations for the IT/IS department.
• Set and enforce compliance regulations and standards.
• Develop information security policies.
• Develop policies, procedures, and standards.
• Maintain adequate controls.
• Maintain data confidentiality.
• Enforce regulations, procedures, standards, and policies.
• Monitor and continuously assess risk.
• Control and document all activities performed by employees.
• Provide guidance and direction for all IT/IS staff.
• Advise management on IT/IS costs and budgets.
• Develop, implement, and adhere to a company code of conduct.
• Develop, implement, and adhere to a company code of ethics.
• Approve all employee IT/IS access requests.
• Provide IT/IS departmental and project specific oversight.
• Provide IT/IS project management support.
• Serve as the company’s lead information security manager, overseeing all security initiatives, policies, and procedures.
• Develop, implement, and monitor information security policies and procedures.
• Develop and implement information security strategies including vulnerability assessments and penetration testing, and cybersecurity awareness and training.
• Translate IT security risks into actionable requirements.
• Develop and maintain an information security budget and oversee IT spending.
• Research emerging security threats and vulnerabilities and advise management on appropriate countermeasures.
• Create and implement strategic plans to secure the company’s IT infrastructure.
• Perform risk assessment and vulnerability analysis.
• Promote the company’s information security reputation.
• Evaluate adequacy of third-party service providers.
• Perform IT asset inventories and provide detailed reports for budgetary purposes.
• Develop and implement security incident response plans.
• Monitor and audit IT and company records.
• Award IT contracts and ensure compliance with contract terms.
• Develop and enforce IT security.