Partner with leaders in IT and other cross-functional areas to oversee company-wide IT Security policies and programs. Manage development and implementation of IT Security policies, programs and procedures and security standards; compliance audits and firewall security issues. Manage IT Security staff. Duties & Responsibilities: Manage development and implementation of corporate policies, programs and procedures to cost effectively protect information systems assets from intentional or inadvertent modification, disclosure or destruction. Sponsor and lead security initiatives to achieve/maintain compliance with relevant security standards, including PCI, GLB and HIPAA. Proactively protect the integrity, confidentiality, and availability of information in the custody of, or processed by, the company, providing reports to management regarding the effectiveness of network and data security and making recommendations for the adoption of new procedures and technologies as required. Collaborate with Sales organization to develop practical solution security in support of customer requirements. Manage and coordinate required industry audits by helping identify issues, anticipate and solve problems, and provide customer service to internal and external customers. Manage IT Security staff. Minimum Knowledge, Skills and Abilities: Bachelor’s degree in related area. 8 years experience in IT, with 5 years of security/infrastructure protection and info security experience. Solid knowledge of Sarbanes Oxley compliance, corporate security and network policies and procedures, and experience in a compliance management leadership role. Solid multi-platform knowledge. Experience in UNIX, Windows, and IP intranet/internet security environments including firewalls, intrusion, detection, incident response, policy writing, vulnerability testing, operating system hardening, regulatory compliance and data classification. Experience in data administration and security methods with
Oracle or similar environments, SQL, plus experience in various database design techniques. Prior business and system presentation practices to all levels of the organization. Experience linking legal and regulatory statutes with corporate policies. Demonstrated competency in strategic thinking with strong abilities in influencing others and relationship management. Demonstrated competency in project management in a cross-functional environment and experience in managing resources across enterprise boundaries to meet goals on multiple projects. Demonstrated competency in developing effective solutions to diverse and complex business problems. Demonstrated leadership skills. Preferred Knowledge, Skills and Abilities: Experience with identity management solutions (e. g., RSA Cleartrust, Netegrity Siteminder, Oblix). Experience architecting and implementing security solutions, policies and technologies relating to transactional web sites. Highly desirable to hold one or more of the following certifications: Certified Information Systems Auditor (CISA) Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) System Security Certified Practitioner (SSCP) CISCO Certified Security Professional (CCSP) Check Point Certified Security Expert (CCSE) Prosoft CIW Security Professional (CIW-SO) Certified Network Security Professional (CNSP) or Associate (CNSA) Internet Computer Security Engineer (ICSE) WorkflowOne is an EEO/AA/Vets/Disabled employer