Information Assurance Manager Job Description
Information Assurance Manager Duties & Responsibilities
To write an effective information assurance manager job description, begin by listing detailed duties, responsibilities and expectations. We have included information assurance manager job description templates that you can modify and use.
Sample responsibilities for this position include:
Information Assurance Manager Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Information Assurance Manager
List any licenses or certifications required by the position: CISSP, CISA, CPA, CISM, NISPOM, JSIG, DIACAP, DITSCAP, DCID, GSLC
Education for Information Assurance Manager
Typically a job would require a certain level of education.
Employers hiring for the information assurance manager job most commonly prefer that their future employee have a relevant degree, such as a Bachelor's and Master's Degree in Computer Science, Information Systems, Accounting, Engineering, Finance, Education, Business, Information Technology, Information Assurance, Graduate
Skills for Information Assurance Manager
Desired skills for information assurance manager include:
Desired experience for information assurance manager includes:
Information Assurance Manager Examples
Information Assurance Manager Job Description
- Leading and owning oversight of specific cybersecurity framework development, resilience maturity model development, business process analysis and collaborating with teammates on larger initiatives
- Partners with internal and cross-functional teams, projects, and business customers to document current state process, identify opportunities to improve resilience and assist with moving teams towards ISRM goals
- Participates in the analysis, design, implementation, validation and maintenance of ISRM Cybersecurity Resilience and Strategy program documentation and procedures in alignment with best practices
- Designing and producing prototypes for Key Performance Indicators (KPIs) and other operational resilience measures of efficiency and effectiveness
- Partners with teams across the ISRM organization to help support Cybersecurity Resilience and controls
- Supports cybersecurity resilience optimization projects designed to improve resilience and quality, reduce errors and design a resilience maturity model in support of ISRM projects and services
- Supports and responds to various regulator and audit requests
- Evangelizes, drives and documents the adoption of new policies, processes, and technologies in pursuit of improved resilience
- Educates key stakeholders on resiliency best practices
- Consult on highly confidential new relationships
- Provide subject matter expertise in support of contract negotiations related to the information protection and business continuity control and technical support services requirements
- Conduct assessments of critical third parties’ controls (some travel required)
- Knowledge of information security management frameworks, such as ISO 27001, ITIL, COBIT and NIST
- 5+ years experience with leading direct and cross functional team members
- Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or other similar credentials
- Collaborate, develop and support the systems and tools to manage information security risk
- Prior experience performing IT general controls and application control reviews preferred
- Prior experience performing SAS70 (now SOC) engagements highly desired
Information Assurance Manager Job Description
- Present information and influence change at the executive management level
- Quickly analyze information security controls, produce clearly written assessments, and provide constructive action items to third parties
- Ensure the business is able to move forward with industry leading technology and relationships all the while ensuring the safety and security of our customers’ data
- Supporting the definition of the IA TPM Program strategy
- Partnering with Program stakeholders (Information Security & Risk Management, Corporate Security Services, Business Continuity and Technology Operations) to maintain necessary control coverage and facilitate the change management for the associated revisions
- Partnering across the TPM community to drive Program revisions/enhancements
- Conducting assessments of third parties for pilot of new assessment approaches and facilitating the change management for incorporation into the Program
- Identify and implement process improvements across all aspects of the program
- Develops and publishes Company information assurance standards, policies and guidelines encompassing security of sensitive data and intellectual property, operational resiliency
- Represents the company as a knowledgeable resource on cybersecurity threats and risk
- Prior experience in EPIC
- Lab Quality Assurance (QA) experience
- Knowledge of application software development lifecycle concepts, lead and agile best practices, environment and configuration management, test management methodologies and practice (8 years)
- At least 6 years of experience in cybersecurity and risk management concepts and disciplines and internal control assessments
- At least 5 years of experience within an Information Assurance Security
- At least 5 years of Technology Risk Management discipline
Information Assurance Manager Job Description
- Must apply background in auditing and computer systems to verify that any identified IS weaknesses noted are fully addressed and discussed with the government
- Oversees audits of information technology systems
- Requires bachelor’s degree or equivalent, and 12 or more years of experience, including three to five years of supervisory/management experience
- Maintain regular contact with Business units to understand and capture change initiatives
- Own and manage the Information Security Project Assurance process and associated interfaces with other processes, as applicable
- Complete risk assessments for both project and BAU environments with a focus to manage high/critical risks
- Ownership of the Project Tracker, Traceability Matrix and Information Risk Register spreadsheets
- Act as signoff authority for acceptable project risk and stage gate approvals
- Deep technical knowledge of threats to information security and mitigation techniques with specific implications to the Retail sector
- Solid understanding of Information Security Governance, Assurance and Risk Management
- At least 5 years of experience in Security Risk Management
- Master's Degree in Cybersecurity, Information Technology, Information Systems, Information Security, Information Assurance, Business Management, Risk Management, or in Communications
- 6 years of general experience within an Information Assurance/Security or Risk Management discipline
- 6 years of experience in Security Risk Management
- 6 years of experience with either NIST Cybersecurity Framework or SP 800 Series, CERT Resilience Management Model, or COBIT 5, or OCTAVE
- 1 year of experience with Visio
- CISA, CISM, CRISC, CGEIT, CTPRP, ITIL, CISSP, CCSP, Resilience Maturity Management, LEAN certification, or Six Sigma certifications
Information Assurance Manager Job Description
- Expert understanding of penetration testing and other general project test functions
- Excellent analytical skills and ability to solve complex problems
- Providing expertise and guidance on operational information systems security practices
- Top Secret Clearance is required with the ability to obtain an SCI
- Ability to ensure that the security requirements are met, including defining the security mode, protocols and standards
- Able to guide and ensure all security policies, practices, and procedures are implemented
- Ability to develop and maintain System Security Plans (SSPs)
- Ability to assist developers by reviewing system changes for adverse security impact
- Previous experience in the continuous monitoring techniques to evaluate the systems security posture
- Able to evaluate vulnerabilities to ascertain if additional safeguards are needed
- At least 2 years of experience in Information Security, Business Continuity Management, Vendor Management, or Risk Management
- At least 2 years of experience communicating with and presenting to enterprise-wide senior level management
- At least 1 year of experience in Third Party Management
- Bachelor's Degree or military experience
- At least 3 years of experience in Information Security and vendor management
- At least 2 years of experience in Information Security and Business Continuity Management and Vendor Management, and Risk Management
Information Assurance Manager Job Description
- Will also prepare and review internal and external financial statements, incl
- Perform substantive audit testing and assist in engagement management
- May be assigned to various, unanticipated sites throughout the United States
- Supporting the government in providing technical assistance in support of the DoD, DA, and FORSCOM inspections and Staff Assistance Visits (SAVs)
- Supporting administration, drafting, reviewing, updating policy and guidance that implements Federal and DoD policies and requirements based on the FORSCOM and subordinate units/sites mission and environment
- Assist with drafting, annual reviewing, editing, updating, analyzing, and recommending guidance, Standard Operating Procedures (SOPs), Tactics, Techniques, & Procedures (TTPs), Plan of Action and Milestones (POA&Ms) for FORSCOM and subordinate units/sites
- Assist in collecting, compiling and reporting APMS, and FISMA, or successor program compliance metrics for FORSCOM, G6, CSID, Cybersecurity Branch and subordinate units/sites unclassified and classified networks, devices, personnel and systems using the eMASS
- Support the government in formulating and documenting technical approaches to review, establish, and maintain standards and site security procedures
- In this role the candidate will also be involved in decisions regarding the hiring, firing, promotion, and award decisions concerning direct reports
- Systems Project Management
- Self-motivated, detail-oriented and pragmatic
- Team player who is analytical and solution-focused while meeting deadlines
- At least 2 years of experience communicating and presenting to senior level management
- At least 1 year experience in Third Party Management
- CISSP, CISA, and CRISC certification
- 2 years of experience in PCI DSS, COBIT Framework, Physical Security, and IT Operations Management