Job Title
Cybersecurity & Compliance Program Manager
Date Posted
3/5/2021
Job Type
Full-Time Regular
Job Description

Cybersecurity & IT Compliance Program Manager – Perm Position – Greater Memphis Area


Our rapidly growing client is looking for a Cyber Security and Compliance Manager. They offer a stimulating workplace based on open collaboration, personal development and future opportunity. They are driven by a unique company culture that values knowledge, experience, and the importance of offering their customers an incomparable depth of product and application expertise.

The Cybersecurity & IT Compliance Program Manager is responsible for identifying and using appropriate industry frameworks and best practices to measure effectiveness, continually improve program performance and properly protect the Company’s information assets.

In addition, the role will act as a security solution architect, working with peer teams to ensure changes, upgrades, and new implementations advance information security appropriately.


Key Responsibilities Include:
• Develop, implement and maintain risk-based, comprehensive information security and IT compliance programs for the company.
• Design, implement and maintain policies and procedures for information security disciplines such as security, awareness and education, risk management, electronic discovery, digital forensic investigations, incident response, vulnerability management, intrusion detection and prevention, regulatory compliance and security operations.
• Facilitate, measure, and continually drive improvements of information security and compliance programs.
• Implement and administer plans, processes and procedures necessary to ensure regulatory compliance including US (CCPA) and Canadian (PIPEDA) data privacy and PCI DSS.
• Partner with Learning & Development to plan and prepare materials for information security awareness and education.
• Lead interactions relative to all security and compliance inquiries, contract negotiations, risk assessments and audits.
• Lead and manage information security incident response activities, risk assessment and risk management activities, and vulnerability assessment and management activities.
• Manage detailed network, operating system, database, and application vulnerability assessments and remediation activities and processes, including those sourced via 3rd party services.
• Oversee operational tasks supporting information security functions such as intrusion detection and prevention, security event log analysis, management reporting, virus prevention and remediation, encryption, network segmentation, remote access and authentication.
• Support and design security solutions that ensure the confidentiality, integrity and availability of systems, networks, information/data and intellectual information.
• Manage security resources in the performance of sensitive investigations requested by Human Resources.
• Lead the vendor/contractor selection process for any third-party outsourced security and IT compliance activity, maintain relationships with those vendors and manage contracts.
• Perform other assigned tasks/responsibilities as needed.

Successful Candidates Will Have:
• Bachelor's degree in Computer Science, Management Information Systems, Business Management or related studies or equivalent work experience
• Minimum of four years of related experience is required
• A minimum total of six (6) years of experience in Information Systems/Technology, with a minimum of two (2) years in a technical IT security role.
• Demonstrated experience leading medium to large-scale enterprise risk management and/or compliance management efforts in a complex and/or highly distributed environment (preferably within a Level 3 PCI merchant or large retail environment).
• Expertise and knowledge in multiple compliance regimes (e.g. HIPAA, PCI, FDA CFR 21 Part 11, FERPA, etc.), information security frameworks (NIST, ISO, COBIT, etc.) and IT risk management methodologies.
• The ability to quantify the risks of different IT architectures, and then communicate to executives how to manage that risk.
• Demonstrated ability to build collaborative organizations working effectively in a cross functional team environment.
• Excellent project management and team participation skills.
• Proven ability to establish standards and procedures and advocate best practices.
• One or more of these relevant certifications are preferred:
  • CISSP -- Certified Information Systems Security Professional

Please send your resume to: Lisa Barton, lbarton@summerfield.net