Lead-Information Security Job Description
Lead-information security
provides event and incident analysis utilizing security technologies including Intrusion Detection and Prevention Systems, Firewalls and Log Analysis, SIEM, Network Behavior Analysis Tools, Antivirus, and Network Packet Analyzers.
Lead-Information Security Duties & Responsibilities
To write an effective lead-information security job description, begin by listing detailed duties, responsibilities and expectations. We have included lead-information security job description templates that you can modify and use.
Sample responsibilities for this position include:
We’re looking for a technically savvy individual who can conceptualize and clearly communicate, work independently and in a small team environment
Develop and manage the overall Issue Management Process for EIS
Develop Issue & Action Plan Protocols that provide guidance and set expectations with stakeholders on the effective handling of control gaps
Develop a QA process and perform Action Plan Validation and work with owners to make adjustments/improvements where necessary
Work with the EIS PMO and BMO to develop processes for Resource Planning/Demand Management and Risk Based Prioritization of issue remediation
Develop and maintain tools to facilitate issue tracking and self-service status reporting, and produce executive level Issues Management Status Reports
Review results of Third Party Assessments (PWC, IBM, ) and work with Control Owners to raise issues in OpenPages where appropriate
Work with the EIS PMO and project owners to ensure Project Alignment to address existing issues and recommend new projects as appropriate to fill gaps
Manage the MRA Closure Process for EIS owned issues
Lead the Access Management Issue Remediation project to review, assess, prioritize, sequence and develop a roadmap for all access management issues across the firm
Lead-Information Security Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Lead-Information Security
List any licenses or certifications required by the position: CISSP, CISM, CISA, IAM, CCNA, GSLC, CASP, III, IAT, ISO
Education for Lead-Information Security
Typically a job would require a certain level of education.
Employers hiring for the lead-information security job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Information Security, Engineering, Education, Information Technology, Information Systems, Technical, Technology, Business, Computer Engineering
Skills for Lead-Information Security
Desired skills for lead-information security include:
Event collection technologies
Firewalls
Various operating systems
Current and emerging technologies used both within the corporate infrastructure and in delivering customer facing services
Analysis and use of computer forensics tools
Audit reduction tools
Equipment
Maintenance
Phone switches
Steganography and metadata tools
Desired experience for lead-information security includes:
PMP/CAPM preferred
CISM or CISA a plus
ITIL Foundation or Practitioner a plus
Ability to define and optimize business processes/procedures
Strong knowledge of security implications involving a variety of technologies including but not limited to
Of the following certifications
Lead-Information Security Examples
1
Lead-Information Security Job Description
Job Description Example
Our innovative and growing company is hiring for a lead-information security. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for lead-information security
- Provide protection and sustainment of the IA/Cyber requirements for system and information availability, authorization, authentication, integrity, confidentiality and non-repudiation
- Provide subject matter expertise on IA/Cyber controls and implementation requirements
- Maintain accreditation baselines of information systems in accordance with accreditation decisions and ensure compliance with DoD information system security procedures and practices
- Ensure that information systems under their cognizance are operated, managed, secured, and in accordance with (IAW) internal security policies and procedures
- Prepare, maintain, and orally present plans and system-specific security guidance regarding the technical security controls implemented in the information system
- Review and evaluate the security impact of change to the network (e.g., Engineering Change Requests, Change Control Board)
- Review audit records, report deviation of security practices, and report security incidents IAW site-specific requirements for reporting computer security incidents and violations
- Work collaboratively with stakeholders within the line of business and the corporate organization
- Conduct training sessions for functional and business teams on SAP/GRC AC suite
- Supporting the governance processes post migration including testing, enforcing data integrity, reporting and training
Qualifications for lead-information security
- Must meet DoD 8570.01-M, or successor/DoD 8140.01 baseline certification requirements
- Experience in executing leadership and managerial duties
- Experience in the oversight and execution of the Assessment & Authorization processes (a.k.a
- Experience in the oversight and execution of a continuous monitoring/improvement program (to include but not limited to self-inspections, security control assessments, training, log management systems, automated inventory utilities)
- Experience successfully and respectfully interfacing with internal and external customers
- Secret clearance and access
2
Lead-Information Security Job Description
Job Description Example
Our company is searching for experienced candidates for the position of lead-information security. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for lead-information security
- Develop, modify and follow associated corporate and workgroup processes applicable to the role
- Contributes towards the design and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies and applicable laws and regulations, such as PCI DSS, HIPAA, ISO 27001
- Researches and obtains information on best practices and state-of-the-art innovations in regard to security architecture
- Ensures the McC plan protects all teaching, research and administrative data assets and encompasses the School’s entire universe of departments, programs
- Detect, investigate and respondto information security alerts and incidents
- Proactively and iteratively search through datasets to detect and respond to threats and anomalies
- Produce actionable root cause analysisof security incidents and recommend actionable solutions to reduce the likelihood of re-occurrence
- Identify network, systems and application vulnerabilitiesand perform security assessments using automated tools
- Work with technology support teams and vendors to implement, maintain and optimize Information Security systems that include various endpoint and network logging, monitoring, and prevention systems
- Implement indicators and metrics to maintain the effectiveness of security processes and controls
Qualifications for lead-information security
- Superior analytical skills and a deep understanding of the overall context of business processes and IS technologies
- Superior experience in leading IS people who do not report directly
- Superior experience in identifying and resolving issues between team members or other teams
- Superior experience to translate business requirements into IS capabilities and solutions
- Excellent experience in objectively evaluating IS solutions and making recommendations
- Excellent experience in project planning and execution economic aspects of system management and life cycle
3
Lead-Information Security Job Description
Job Description Example
Our company is growing rapidly and is looking to fill the role of lead-information security. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for lead-information security
- Policy, Plans and Procedures
- Cybersecurity Reporting
- Cybersecurity Engineering/Architecture
- Provide project management for the implementation of Cybersecurity capabilities
- Contributing to formal security reviews of proposed software designs, controls, and test plans, and applying System-Theoretic Process Analysis (STPA) and STPA-derived methods
- Assisting in incident response and analysis
- Analyzing and articulating risks to Internet infrastructure
- Advising engineers in the development of safer and more defensible software
- Proposing new ways to find and/or prevent flaws in Internet-connected software and systems
- Guiding and leading other Architects toward excellence in the above activities
Qualifications for lead-information security
- Experience with Sarbanes-Oxley Act (SOX) and ISO 27000/IEC compliance
- Bachelor's degree in Information Technology or related field (e.g., General Engineering, Computer Engineering, Computer Science, Electrical Engineering, Systems Engineering, Mathematics, Computer Forensics, Cyber Security, Information Assurance, Information Security, or Information Systems) AND a minimum of eight (8) years relevant work experience
- In lieu of a degree, a minimum of twelve (12) years relevant work experience
- Experience with application of the ISO/IEC 27000 series and the Sarbanes-Oxley Act to information security management
- Experience with configuring, maintaining, and architecting business critical information security technology
- Must understand State and Federal security compliance laws
4
Lead-Information Security Job Description
Job Description Example
Our company is searching for experienced candidates for the position of lead-information security. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for lead-information security
- Web Application Firewalls and XML Gateways
- Self-manage security-related projects and initiatives
- Serves as Chairperson of Project Security Advisory Committee
- Reports directly to the Project Manager on all matters related to Security and Confidentiality for the Project
- Responsible for ensuring the Disaster Prevention / Disaster Recovery and Business Resumption Plans are developed, maintained and validated for the Project
- Responsible for reviewing all potential or actual security and / or confidentiality breaches and conducting Risk Assessment and Analysis to develop appropriate Risk Mitigation Plans
- Responsible for preparing and submitting for Project Manager approval all required notifications of suspected or actual breach of protection of beneficiary or confidential information or data
- Serves as the primary liaison with the Cabinet for Health and Family Services Information Security Officer on matters related to Security and Confidentiality
- Responsible for coordinating with the Corporate Information Security Officer the incorporation of Corporate Security Policies and Procedures changes or additions into Project Security and Confidentiality Policies and Procedures
- Responsible for the review and approval of all contract deliverables related to Security and Confidentiality for the Project
Qualifications for lead-information security
- Bachelor’s Degree or higher in computer engineering or in a field related to the computer engineering or computer science disciplines plus 7 years Security Engineering experience
- Bachelor's degree (in field mathematics, telecommunications, electrical engineering, computer engineering, computer science) or equivalent six to ten years’ experience with information security
- Bachelor's degree in Information Technologies, Business Administrative, Audit, Accounting, or Finance required
- Three to five years of related work experience in SOX, Audit, Compliance, Regulations with some Big 4 public accounting and/or Aerospace and Defense and/or Department of Defense (DoD) experience preferred
- 8-10 years of experience in the information technology field, which should include at least 8 years of information security systems data analysis and data management experience
- Successful candidate must be innovative and team oriented
5
Lead-Information Security Job Description
Job Description Example
Our growing company is looking for a lead-information security. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for lead-information security
- Maintain Infosec procedures and report on deployed devices according to the standard build
- Provide cross-training for Ops teams and SOC so that standard performance monitoring and fault management can occur
- Participate in cross-functional project teams along with individuals from IT, Architecture and Development to design and implement security solutions as prioritized by management
- Advise, recommend, and report on risk assessment for site compliance/safety gates for review by Risk Management team prior to implementation
- Maintain adequate compliance documentation presentable for external and internal audits
- Excellent understanding of network and technical security controls required
- Strong IT / IT Security / Architecture background
- Cloud Technology and Security experience desired
- Good understanding of application security
- CISSP certification (or GIAC Gold or Platinum) desired
Qualifications for lead-information security
- Supporting and educating the Product Owner, especially with respect to grooming and maintaining the product backlog- Work cross functionally to align strategy, methodology and execution
- Establish team level cadence and drive team level ceremonies sprint planning, team retrospectives, backlog grooming, in alignment with Program level cadences established
- Supporting the team in documenting the User stories and prioritizing (with Product owner's alignment) in Rally tool
- Willingness to step in and play the technical SA role when needed
- 7+ years of relevant experience as IT PM and/or Agile practitioner
- First level Scrum Master certification CSM, PSM I Preferred - Second level Scrum Master certification CSP, PSM II - PMP certification