Manager, Information Systems Security Operations
Full Time
Farmington, CT 06032
Posted
Job description
Reporting to the Executive Director, Technology Strategy & Transformation, the Information Security Operations Manager is responsible for and will oversee and participate in the day-to-day operations of The Jackson Laboratory’s information security solutions across all U.S. sites and globally (Japan and China). Additional responsibilities include the selection of appropriate security solutions, oversight of vulnerability audits, security risk assessments, and management of Information Security Incident Response remediation team(s) to decrease and limit damages from such incidents.
The Information Security Operations Manager will be responsible for the supervision and development of 1-4 Information Systems Security Analysts in best practices for systems and applications security, planning, and sourcing. The incumbent has budgetary responsibility and is accountable for the proper use of budget resources; for order requisitions; for approving invoices. The incumbent works with vendors to maintain operations, resolve technical issues, and complete projects.
The Information Systems Security Operations Manager must have proven communication and problem-solving skills to initiate and assist on issues related to the secure design, development, deployment, and support of information systems holding the Laboratory’s critical data assets whether internally or externally hosted. The Information Security Operations Manager is required to interface with peers in the IT Department including Systems Administration, Network & Communications, Applications, Project Management, and Service Desk as well as executives, business leaders, and computer systems users throughout the organization.
This position is eligible for remote work with expected travel to JAX's Farmington, Connecticut and Bar Harbor, Maine campuses
Key Responsibilities
Operations
- Work closely with IT staff to direct the security of existing information, computer, network, and processing systems. Ensure the confidentiality, integrity and availability of JAX data during processing, transmission or at rest to/from/between JAX workstations, servers, databases and applications whether on-premise or externally hosted.
- Focus on continuous process development and improvement of information systems security operations
- Participate in the design and supervise the implementation of recommended information security controls associated with new project application/system deployments
- Supervise all investigations into information security incidents and provide ongoing communication with senior management.
- Lead the design and execution of vulnerability assessments, penetration tests, and security audits.
- Lead daily log and exception alerts review with appropriate follow-up, investigation, or remediation.
- Establish Service Level Agreements for Information Security Incidents and Requests in ServiceNow. Measure response to SLA.
- Remain informed on trends and issues in the security industry, including current and emerging technologies and prices. Advise, counsel, and educate executive and management teams on their relative importance and financial impact.
- Maintain current knowledge of regulatory requirements for information security controls. Craft and recommend changes in security policies and practices in accordance with changes in regulatory requirements, and local or federal law. Audit for compliance (PCI, HIPAA, FISMA, etc)
- Develop and lead utilizing process automation to gain efficiencies for information systems security operations
- Assist with the design and implementation of disaster recovery and business continuity plans, procedures, audits, and enhancements.
Leadership & Management
- Provides clear direction to and manages an organization of professionals:
- Create clear performance and career development plans.
- Recognize and reward performance and where necessary, initiate corrective actions to cover shortfalls in performance.
- Encourage an environment of teamwork.
- Foster an atmosphere of innovation in the right places.
- Cultivate, disseminate, and enforce functional policies, procedures, and quality assurance best practices
- Manages the allocated budget to IT standards, following all legal, regulatory, and IT guidelines and SOPs:
- Constantly evaluates actual needs and reflects them in the forecast events, releasing budget when not required
- Constantly strives to achieve or exceed industry standard costs
- Participates as a member of the IT management team in planning, problem resolution, and reviewing department performance:
- Aligns and prioritizes the capabilities of the security team to IT Department goals
- Supports the System Development Life Cycle and the Incident, Capacity, Availability, Release, and Change Management processes with regard to information security.
- Participates in short and long-term strategic departmental planning and technology roadmap development. Translates new technology solutions into security operational practices.
Communication
- Understands and supports the wider Information Security agenda through direct action.
- Establishes and maintains regular written and in-person communications with the organization’s computer systems users regarding pertinent Information Systems Security activities.
- Engage in ongoing communications with peers in the Systems and Networking groups as well as the various business groups to ensure JAX-wide understanding of security goals, to solicit feedback, and foster co-operation
Qualifications
- Bachelor's degree in computer science or related field with at least 7 years in an information systems security or engineering role. Additional experience in equivalent information systems security work may substitute for a college degree but will be evaluated on a case-by-case basis.
- Demonstrated strong technical knowledge of encryption & digital certificates, networking components including IDS/IPS & Firewalls, and log management, Syslog analysis, and TCP/IP analysis.
- 3-5 years management of experience with a proven track record of development and coaching staff
- Knowledgeable in network switching and routing, firewall and intrusion detection and prevention systems, network and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
- Ability to handle multiple tasks/projects at the same time and complete projects successfully and on time
- Ability to develop and recommend solutions to complex problems often under time constraints.
- Ability to analyze complex strategic goals and initiatives and then develop executable plans to achieve goals as well as integrating best practices
- Self-starter, with the ability to thrive in a fast-paced and dynamic environment
- An open mind, excellent oral and written communication skills, a keen listening ability, and the ability to manage relationships with a diverse client base and work as part of an integrated team
- High integrity team player, who inspires others to perform at high levels
- Strong interpersonal and communication skills and ability to work effectively with a wide range of constituencies in a diverse community
- Proven team player and proven record of establishing and maintaining a productive and positive work environment
- Advanced knowledge in vulnerability assessment and penetration tools for systems and web security including cross-site scripting, SQL injection, cross-site request forgery, HTTP response splintering, the OWASP Top 10 and SANS Top 20 and remediation techniques
- Advanced knowledge of system monitoring and reporting tools including SIEMs, FIM, etc.
- Demonstrates exceptional customer support, quality, and balanced security risk focus
- Travel and availability for on-call support as escalation manager
- Excellent coordination and organizational skills
- Innovative, responsible and reliable
The salary range is $ $105,211 - $180,848 Salary will be determined based on qualifications and experience
#LI-Remote
About JAX:
The Jackson Laboratory (JAX) is an independent, nonprofit biomedical research institution with more than 2,400 employees. Headquartered in Bar Harbor, Maine, it has a National Cancer Institute-designated Cancer Center in Augusta, Maine, a genomic medicine institute in Farmington, Connecticut, and facilities in Ellsworth, Maine, Sacramento, California, and Shanghai, China. Its mission is to discover precise genomic solutions for disease and empower the global biomedical community in the shared quest to improve human health.
JAX employees work in a collaborative, value-driven, and team-based environment where the focus is on advancing science and improving patients’ lives. Researchers apply genetics to increase the understanding of human disease and advance treatments and cures for cancer, neurological and immune disorders, diabetes, aging, and heart disease. JAX was voted among the top 15 “Best Places to Work in Academia” in the United States in a poll conducted by The Scientist magazine!
EEO Statement:
The Jackson Laboratory provides equal employment opportunities to all employees and applicants for employment in all job classifications without regard to race, color, religion, age, mental disability, physical disability, medical condition, gender, sexual orientation, genetic information, ancestry, marital status, national origin, veteran status, and other classifications protected by applicable state and local non-discrimination laws.
seankuhnke.com is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, seankuhnke.com provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, seankuhnke.com is the ideal place to find your next job.