IT Security Manager

About the position

In the role of IT Security Manager, you will lead the security team and be responsible for architecture, design, implementation, and management of our security framework in AWS, Azure, Microsoft 365 and other SaaS platforms. This person is responsible for moving us forward into automating our security framework for ACA Group (“ACA”)’s cloud software as well as internal corporate infrastructure. Driving the team to be successful and ensuring all deliverables are met is critical to success. This person will work closely with Information Risk on the execution and enforcement of our information security programs. Additionally, this person will be the primary contact for our due diligence and audit teams, maintaining a repository of answers and evidence required to meet our obligations to clients and auditors for security certifications.

Responsibilities

• Lead the development and execution of the security strategy for ACA’s technology systems
• Manage and mentor staff to ensure they are successful and meet required deliverables
• Collaborate with Information Risk on the development and compliance of corporate security policies
• Collect and organize evidence and information about our environment for use in answering client Due Diligence questions as well as other audits such as SOC and ISO 27001
• Define and develop security monitoring standards
• Define and implement security policies and controls
• Develop automation to detect and enforce adherence to defined policies and controls
• Develop automation to detect configurations that do not align with security best practices
• Develop security dashboards for varying audiences from engineers to management
• Manage the IT Security budget and balance the cost of the security tools against provided value
• Participate in the design and implementation of disaster recovery and business continuity to ensure they operate following security baselines
• Craft and communicate creative and practical solutions to problems
• Perform ad-hoc work/special projects as necessary to support ACA on various client and internal initiatives

Requirements

• Bachelor’s Degree required – major in Cybersecurity, Information Security Management, Computer Science or Management Information Systems preferred
• A minimum of seven (7) years of IT experience, with five (5) years in an information security role and at least two (2) years in a supervisory capacity
• Experience performing security risk assessments and compliance audits

Nice-to-haves

• 3+ years’ experience in AWS or Azure Cloud Security & Security Automation
• Familiar with GDPR, SOC, NIST, and ISO 27001 standards and associated audit processes
• Security Certifications such as AWS Security, SSCP, CISSP, or CISM

Benefits

• Medical and dental coverage
• 401(k) plans
• Wide range of paid time off options
• Flexible work environment
• Designated ACA Paid Holidays
• Summer Fridays
• Personal/Family Care leave
• Student Debt Forgiveness
• Pet Insurance