Chicago Information Security Manager

My name is Mark Kolar and I am an executive recruiter with the search firm Harmer Associates ( www.harmer.com ) I am currently working on a seinor role for a Information Security Manager for one of our major chicago based financial clients. Pay on the position is mid 100's total package.

Feel free to forward this to anyone you know who would be interested and have them follow up with me directly via email at mkolar@harmer.com.

Thank you for your consideration.

Mark Kolar
Harmer Associates
Specializing in Placement of
Information Systems, Finance, Accounting, and Human Resources (312) 407-7180
www.harmer.com         

Summary: Manages Information Systems Security (InfoSec) operations, including administration and engineering support activities. Supports both internal and external customers. Assists in the development and implementation of security standards, procedures, and guidelines for multiple platforms and diverse systems environments (i.e., distributed client/server, web, and mainframe systems). Identifies and escalates changes that will affect information security policy, standards and procedures. Performs related duties as assigned.         

Essential Duties and Responsibilities:
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Management of the security platform, implementing security services, and support of strategic project objectives. InfoSec Manager duties include:
 Supervising production Common InfoSec Services (CIS) to assure daily
quality standards are met without compromising security.
 Establishing and monitoring Service Level Agreements (SLAs) with
internal and external customers.
 Management of InfoSec implementation plans, security product purchase
proposals, and project schedules.
 Assisting in budget planning and management activities.
 Coordinating resolution of resource issues (employees, vendors,
equipment) with the Business and Technical Leads.
 Coordinating activities with other departments (e.g. database
administration, communications, Application Development, project office, etc.).
 Maintain the “InfoSec activities list”, coordinating resolution issues,
and communicating status to management.
 Ensuring that deliverables stay on schedule and budget, escalates
slippage and cost overruns to the management
 Proactively planning for potential problem areas and reviews both
project and production problems with management.                    

Supervisory Responsibilities:

        Oversees day-to-day security administration and engineering operations (4-6 staff/consultants). Responsibilities include:
 Mentoring staff and promoting an aggressive cross-training program, with
focus on implementing InfoSec / SDLC objectives
 Assigning personnel to projects and directing their activities.
 Maintaining Project Office Compass and coordinating support issues with
Project Sponsors.
 Maintaining Personal Expectation Plans (PEPs) and monitoring progress to
satisfy employee and management goals.
 Initiating personnel actions (hiring, promotions, terminations, etc.).
 Conferring with and advising staff on administrative policies and
procedures, technical problems, priorities and methods.
 Maintaining Employee Development Plans (EDPs) and scheduling employee-
 classes, conferences and seminars.         

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Qualifications:
The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

        Requires excellent analytical ability, consultative and communication skills, strong judgement, and the ability to work effectively with IT staff/management, vendors, and consultants. To be successful, the InfoSec Manager should have:
 More than ten years of progressive experience in computing and security,
including experience with Internet technology and security issues.
 Industry knowledge of InfoSec technologies and management practices
(e.g., an understanding of security standards such ISO 17799 and Department of Commerce NIST Publications).
 Proven ability as a member of a management team able to communicate
technical and security-related concepts to a broad range of technical and non-technical staff.
 Ability to work and effectively prioritize in a highly dynamic work
environment.
 Member and participant in industry panels and organizations such as
ISC2, Security Focus, CERT, ISSA, SANs, etc.         

Technical Skills:
Technical Skills (continued) Prior hands-on experience in planning, testing and deploying InfoSec systems; with demonstrated proficiency in firewall, router, intrusion detection, compliance monitoring, and switching technologies.
The InfoSec manager should have a working knowledge of the following:
 Firewall systems (e.g., Checkpoint FW1)
 Remote access / Virtual Private Networks (e.g., VPN, Cisco Secure)
 Strong authentication (e.g., RSA ACE/SecurID)
 Security architectures (e.g., CORBA, PKI, RBAC)
 Intrusion Detection Systems (e.g., ISS Real Secure)
 Security Audit (e.g., PentaSafe Vigilent Security Manager),
 Web Access Control Systems (e.g., Netegrity SiteMinder)
 Mainframe architectures (e.g., OS-390, ACF2).
 Internet/Web services (Iplanet, Websphere)
 Communications Security (e.g., Internet, PTSN, Frame Relay, etc)
 Mainframe architectures
 Database management systems such as Oracle and DB2
 Client/server platforms including Sun Solaris and Intel/Windows
 Distributed message-based architectures such as J2EE
 Storage architectures including SANS
 Word processing software and spreadsheets, project planning and
management tools.
 Internet security services (Iplanet, Websphere)
        

Education and/or Experience:  Bachelors degree in Computer Science or a related discipline.
 Ten or more years experience in IS Security operations and management.
 Five or more years experience in managing people and projects.
        

Certificates or Licenses: Professional Security and/or Network Certifications a plus (e.g., GIAC, CISSP, CISA, MCSE, CCNP). Received on Thu Apr 24 17:10:15 2003