IT Security Manager
Job Title: IT Security Manager
Department: Information Technology
Reports To: Director of Information Technology
The IT Security Manager is responsible for developing, maintaining, and publishing corporate information security standards, policies, procedures, and guidelines for IT systems across all platforms. The IT Security Manager performs two core functions for the enterprise. The first is overseeing the development and operations of the enterprise's security policies, procedures and solutions through management as well as “hands on” working skills with the organization's security analysts and applicable third party resources. The second is establishing enterprise security governance through policy, architecture, administrative procedures and training processes. Tasks will include the selection of appropriate security solutions and their application, oversight and execution of any vulnerability audits and security assessments. The IT Security Manager will direct and manage security-related projects from beginning to end. The IT Security Manager is expected to interface with their peers in the Systems, Network, and Applications departments as well as with the leaders of the business units to both share the corporate security vision, communicate on security related topics/issues with Casino Arizona management and to solicit their involvement in achieving higher levels of enterprise security through information sharing, training and co-operation.
This role is responsible for data protection of key company assets, perimeter security, remote access security, vulnerability assessments, Credit Card / Credit Network and remediation designs, and security awareness program rollouts. In addition, the Security Manager defines, develops, and implements Security Administration across a broad set of systems, while defining and creating role authorizations needed to maintain a properly controlled environment. The position holder also ensures compliance with all legal, regulatory, and corporate policy requirements. The IT Security Manager oversees audits and works with independent third party organizations in responses and management of remediation findings.
Directly supervises and manages the daily activities of the Senior IT Trainer, IT Trainer and the Systems Specialist III. Responsibilities include including interviewing, hiring, and training employees; planning, assigning, and directing work; appraising performance; rewarding and disciplining employees; addressing complaints and resolving problems.
Education and/or Experience
* Bachelor's degree (BA/BS) in Computer Science or related field or equivalent technical certifications and education;
* Experience in managing or deep knowledge of a network infrastructure and the equivalent combination of education and experience.
* Vendor and Project Management skills are preferred
* Demonstrated knowledge of Windows servers and desktop products.
* Demonstrated knowledge of a large scale node network including firewalls.
* Demonstrated working knowledge of current communications devices and protocols, server and desktop technologies.
* Ability to negotiate technical support contracts with vendors.
* Ability to manage multiple projects, activities, and tasks simultaneously.
* Supervising, coaching, and mentoring of network staff.
* Facilitation and change management skills.
* Highly developed verbal, written communications along with negotiation and communications Skills
* Active Certified Information Systems Security Professional – CISSP or other “Common Body of Knowledge for information security” experience.
* Demonstrated ability with perimeter security, including hands-on experience with Firewalls, IDS/IPS
* Demonstrated ability in driving security awareness programs from top to bottom
* Substantial proven Security technical lead experience (3 or more years) in a major implementation in a medium or larger business setting.
* Data (ePHI and PCI) Security experience is the primary requirement along with technical project team security leadership skills.
* Demonstrated experience in personnel management.
* Has formal managerial responsibility for multiple employees
* Experience in managing the activities of third-party System Integrator contractors/consultants
* Direct work experience in a project management capacity, including all aspects of process development and execution.
Certificates, Licenses, Registrations
The candidate should have deep experience with network systems (CISCO), Microsoft, UNIX, and others. They need to constantly upgrade their knowledge regarding computer and internet technology and to have training and certification regarding network management. The candidate should have experience in administering the networks.
Proficient relevant experience in the Microsoft suite of desktop and server based products including active directory. The candidate must demonstrate experience with AS400 and Unix/RS6000 environments. She/he should command and in-depth experience creating and implementing overall network infrastructure designs. She/he must fully grasp a high-level understanding of complex integration requirements among various technologies and environments. Must have experience with Routers, Switches, Firewalls, Wireless Access Points and Intrusion Detection Systems preferably using Cisco equipment. Must have experience with anti-virus solutions, internet monitoring software, network monitoring software and user provisioning solutions. The candidate must have in-depth understanding of voice - data communications systems along with voice over IP. The candidate must have the ability to read and interpret general business periodicals, professional journals, technical procedures, or governmental regulations.
Practical knowledge and experience with information technology and network security and infrastructure application best practices is preferred. The candidate:
* Must have proven ability to rapidly assimilate and apply new technical knowledge based on departmental and organizational goals and objectives.
* Must have demonstrated the ability to manage, track and staff simultaneous initiatives.
* Should have a working knowledge with capital budgeting and cost/benefit analysis.
* Must have the ability to work with high degrees of professionalism and autonomy which promotes progress through teamwork in a collaborative environment.
* Must have a grasp of technology from a “big picture” integration perspective.
* The individual must have strong logic and analytical skills to define, dissect problems, collect data, establish facts, and draw valid conclusions and communicate those findings.
* Must have ability to present concepts to executive leadership and technical communities. Must possess excellent organizational and follow through skills.
* Customer Service oriented.
* Must have excellent written and verbal communication skills as well as facilitation skills.
Additionally, the candidate must have the ability to develop positive working relationships with vendors and business areas, work well under time constraints.
While, Industry-specific knowledge Gaming, Accounting, Operations and Marketing is a plus, it will not preclude a review and possible insertion to the position. Critical to the role is that the individual must have must be able to work flexible hours, including hours beyond the normal schedule when necessary and recognize that occasional travel may be required as needed.
Must be able to read, write, speak, and understand English.
While performing the duties of this Job, the employee is regularly required to stand for prolonged periods of time; walk; use hands and fingers to handle, or feel; reach with hands and arms; climb or balance; stoop, kneel, crouch, or crawl and talk or hear. The employee must regularly lift and /or move up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception, and ability to adjust focus.
While performing the duties of this Job, the employee is regularly exposed to secondary smoke. The noise level in the work environment is usually moderate to loud.