CRST The Transportation Solution, Inc. is Delivering Promises and Driving Success to Ensure Everyone Has What's Needed to Live and Thrive. Today, more than ever, we are looking for talented individuals who will help us bring this vision to life.

Manager – Information Security Services

Powered by the expertise of our Solutions Centers, CRST provides a broad array of transportation and logistics solutions. Our IT team supports both end users in the office and drivers out on the road to optimize their experience with CRST. As a team, we are committed to company-wide growth and the development of new, innovative products. Join our team today and make a difference every day.

Job Summary:

The Manager of Information Security Services (MISS) reports to the VP of Infrastructure and Cyber Security Services, MISS leads the information security team and is primarily responsible for the implementation of the IT security program.  The IT security program ensures the confidentiality, integrity, and availability of electronic information by assessing, communicating, and mitigating risk, creating and maintaining enforceable policies and sound practices, and enforcing compliance with regulatory requirements. Key elements of this plan include risk management, vulnerability management, data ownership, security documentation and policies, security training, and incident response.  The Manager of Information Security and the information security team will also be expected to advise and instruct other functional teams on infosec concerns related to areas such as change control (change management), software design, network architecture, and other areas where technical controls related to information security are implemented.  The Manager of Information Security is a technical leadership role requiring the ability to assess the organization’s security measures, design, implement, and enforce security controls, safeguards, policies, and procedures, and work within a broader team of managers, developers, architects, and technicians to identify and mitigate information security risk.

Job Responsibilities:

  • Works with IT and business stakeholders to define and evolve an effective IT security program
  • Manages the information security team and works with IT leaders to implement all elements of the IT security program including but not limited to the following:
    • Risk Management (assessment and mitigation)
    • Vulnerability Scanning
    • Vulnerability Patching
    • Data Classification and Ownership
    • Change Control
    • Security Information and Event Management
    • Security Documentation and Policies
  • Creates/maintains infosec standards based on industry best practices
  • Provides infosec expertise to the technical design of data networks and infrastructure software
  • Provides infosec guidance and instruction to software application developers
  • Establishes companywide information security policies and procedures
  • Manages security audits, threat assessments, and security testing activities
  • Leads the response to network and software system security incidents
  • Develops and manages company-wide employee security awareness training
  • Contribute to the Infrastructure and Application Architecture Reviews

Preferred Skills and Qualifications:

  • Bachelor’s degree in computer science, engineering, or related field or equivalent experience
  • Certified Information Systems Security Professional (CISSP), CompTIA Security+, or demonstrated mastery of industry/government security standards and best practices
  • CISA or CISM Certifications preferred
  • Understanding of CIS security framework as well as NIST 800-53
  • Five or more years of systems and network security experience
  • Strong technical background in systems and network security
  • Demonstrated success in managing technical teams
  • Demonstrated success in managing technical projects and processes
  • Excellent analytical and problem-solving skills
  • Excellent interpersonal abilities
  • Excellent written and verbal communication skills

Tagged as: Information Technology

To apply for this job please visit phg.tbe.taleo.net.