Manager Digital Security and Risk

at  TTX

JOB SUMMARY

The Manager Digital Security and Risk is responsible for identifying, evaluating, and reporting on information security risks, and for establishing and maintaining a corporate-wide information security and risk management program to ensure that data and system assets are adequately protected. This position is also responsible for understanding the current and future needs across lines of business to recommend and champion improvements and enhancements to existing and future implementations. The Manager Digital Security and Risk must drive a culture of excellence by leading and mentoring a team of security analysts and engineers on both technical and soft skills, focusing on straightforward, automated, and modern solutions and processes that address risks as well as potential problems before they result in service interruption. This position works with business units to implement practices that meet defined policies and standards for information security and oversees a variety of IT-related risk management activities and is responsible for management of and coordination with third-party service providers that are integral to the information security program. This is a hands-on technical management role.

QUALIFICATIONS

• Bachelor’s degree in Information Science, Information Management, similar STEM degree, or equivalent practical experience
• Minimum 8 years’ work experience combining information security, risk management, infrastructure, and other IT positions
• Minimum 5 years managing technical teams, supporting bi-modal IT environments
• Certified Information Security Manager (CISM) certification highly preferred
• Must keep current with technology and an understanding as how to best deploy it
• Ability to communicate security and risk-related concepts to both technical and non-technical audiences, at all levels of the organization
• Must be able to explain complex technical and analytical concepts using laymen’s terms while articulating their value
• Deep knowledge of information security technologies, including perimeter, host-based, and web application firewalls, as well as endpoint detection and response systems
• Experience with networking technologies covering routers, switches, local area networks, wide area networks, and storage area networks
• Experience with identity management concepts and technologies, including Microsoft AD, Entra, and Cisco Duo
• Experience with Microsoft and VMware server technologies, server operating systems (Windows, Linux), perimeter firewalls, web servers, and e-mail systems
• Experience with private and public cloud technologies, especially Microsoft Azure and Microsoft 365
• Understanding of network microsegmentation concepts and relation to Zero Trust Architecture model
• Independent, motivated, and creative thinker
• Strong, clear and concise communication skills, both orally and in writing
• Strong management skills with ability to collaborate, build consensus, and influence decisions
• Strong planning, organizing, and problem analysis skills, with a high attention to detail
• Ability to use the principles and practices of project management
• Required to carry a cell phone and respond to off hour emergencies within 30 minutes of being contacted
• Travel as requiredOther duties and projects as assigned by the senior management team

PHYSICAL JOB REQUIREMENTS

(The physical demands and work environment characteristics described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions.)
While performing the duties of this job, the employee is frequently required to talk or hear. The employee is frequently required to sit (remain stationary within work area) and use hands to finger, handle, feel and reach. The employee is occasionally required to move about (stand, walk). Correctable vision required for close vision capabilities. The typical work environment may include moderate noise (computers, printers, light traffic).
The above job description is intended to describe the general content of and requirements for the performance of this job. It is not to be construed as an exhaustive statement of duties, responsibilities or requirements.