IT Security Manager - Compliance

IT Security Manager - Compliance

The IT Security Manager will provide direction and management for information technology security, controls, and compliance activities throughout US and Canada.

Essential Duties:

This position will be accountable for managing the relationship with internal and external audit to ensure compliance with existing and emerging standards such as Sarbanes Oxley, PCI, MA-WISP, and other such legislations.
• Develop business requirements to design & implement secure solutions to meet customer needs while protecting corporate assets.
• Develop and implement security awareness, security standards, procedures, and guidelines for multiple platforms and diverse environments.
• Prepare Quarterly Security reports for presentation to senior management
• Manage vendor relationships with the Managed Security Service Providers (MSSSP)
• Implement standard information security procedures
• Utilize industry-standard security best practices and policies to conduct detailed vulnerability assessments and implement recommended security safeguards to protect all United Rentals IT assets.
• Design, document, implement, and assess information security policies.
• Ensure compliance with established security incident reporting procedures and perform tests of information technology controls required as by SOX or other legislative requirements.

Monitor security applications and MSSP updates to ensure compliance with corporate policies and procedures with limited supervision
• Analyze security breaches to determine probable cause and take immediate corrective actions
• Participate in security risk and vulnerability assessments and address immediately any risks that would pose a significant threat to UR
• Develop and implement security related policies based upon risk based analysis

Assist in the review, implementation and maintenance of IT security technology and best practices
• Attend vendor interviews and product demonstrations and provide input to management on software/hardware
• Conduct the testing of security tools

Job Requirements:
• Bachelor's degree required

• CISA, CISSP or other related designation is preferred. PMP certification a plus.

• Five plus (5+) years of audit/security experience in an information technology environment.

• Familiarity with Sarbanes Oxley legislation and other legislation which impact data security.

• Demonstrated ability to generate new ideas and resolutions for improvement of the department/company.

• Ability to successfully adapt to change and shifts in priorities as necessary.

• Must proactively recommend solutions to problems.

• Arrives at sound solutions through analysis and weighing of relevant facts.

• Must work well collaboratively within group and cross functionally to achieve goals.

• Strong verbal and written communication skills; communicates clearly and appropriately for target audience. Professionally shares information with department/branch associates to improve overall communication.

• Deals constructively with conflict and responds professionally; focuses on the situation/issue, not the person.

• The extent to which an employee acts quickly, independently and resourcefully when the situation demands it; sees a need and takes appropriate action without being prompted or reminded; proactively recommends solutions to problems. Initiates additional activity when workload allows.

• Demonstrates the ability to plan and organize work. Meets deadlines on work projects and assignments.

• Demonstrates sense of urgency; responds to requests in a timely manner and understands the need for timely work.

• Project management experience a plus

Working Conditions: Office environment. Sitting at the desk and working at the computer. Ability to lift 35 lbs. Must be able to respond to security events as required.

Disclaimer: Other duties assigned as needed.