Our client has an exciting opportunity for an IT Security Manager whose primary function is to develop, implement, manage and monitor security policies, technology, processes and procedures related to the IT infrastructure to ensure that information and resources are protected from unauthorized access.

The IT Security Manager will oversee all technical security investigations and manage the implementation of any corrective actions and / or follow through on resolutions and security incidents. The position will oversee the security access request process and will challenge / return security access requests that are not in accordance with the company’s policies.

Monitor and report on key IT processes, perform scheduled SOX / internal control security audits.
' Confirm required changes are authorized by appropriate business owners and completed by designated security administrators.
' Document findings from each audit performed. Review findings with IT management, business owners and appropriate security administrators.
' Confirm security log reviews for servers, firewall and network devices are completed as scheduled and potential security incidents are documented and resolved in a timely basis.
' Confirm backups and / or replications are completed as scheduled for all systems and issues are resolved in a timely basis.
' Ensure timely implementation of critical security patches.

Advise IT staff on Internal Controls and Sarbanes Oxley requirements. Create procedures and documentation for internal controls. Monitor compliance to all security related controls. Provide auditors with requested info as directed by IT Management.

Maintain employee card access system and photo ID system.

Recommend and implement contingency and disaster recovery policies and plans. Propose test plans and conduct annual recovery tests.

Proactively identify threats to information and resources, and identify options to mitigate that threat.

Lead the engineering of new security technology and practices and optimize personnel productivity and operational visibility around the currently installed technologies.

Provide assistance with security projects and communication efforts will little direction, and lead security projects related to administration efforts and process improvements.
Experience:

Technical Skills:
' SOX and Internal Controls compliance audit experience for IT either in an audit capacity or in an IT position responsible for implementing audit controls.
' Familiarity with audit controls, especially separation of duties for accounting / business systems.
' Familiarity with user account management processes including account roles and profiles managed within multiple platform directories.
Demonstrated experience within a large organization:
' Managing and supporting network, server and application security services
' Evaluating threats (virus and intrusion) and taking proactive actions to mitigate them
' Defining enterprise wide security frameworks
' Administrating multiple operating system directories including MS Windows, Sun Solaris, and Apple OS

Communication Skills:
Able to prepare and present concise oral and written reports
Able to set direction, project manage, and gain consensus
Able to gather, analyze and evaluate facts