Listing Description
Summary
The Information Security Manager reports to the Director of Information Assurance to develop and implement Information Security Strategy encompassing governance, policies, and procedures. This position works with Information Technology and Information Systems to ensure secure infrastructure and applications. The Manager ensures compliance with standards, guidelines, procedures, policies, and performs audits to identify and resolve audit issues. The Manager also reports security incidents, recoveries, breaches, intrusions, and/or system abuses to the Vice President of Information Systems and Technology. The Information Security Manager requires a self-motivated and very organized person who requires minimal direction and follow-up from superiors.
Visa Sponsorship Available
No
Minimum Requirements
Combination of Education and Experience will be considered. Must be authorized to work in the US as defined by the Immigration Act of 1986. Must pass a Criminal Background Check.
Education: Bachelor’s Degree in Information Systems, Computer Science, Engineering, or related field, or the equivalent combination of education, training, and experience.
Certification: Certified Information Systems Security Professional (CISSP) certification.
Years of Experience:
•Minimum five (5) years of progressive experience in Information Technology and security related duties.
•Minimum five (5) years of experience architecting, building, and maintaining security systems.
•Minimum two (2) years of experience in a people management or team years of experience in a technical leadership role, with 2 years leadership role.
•Significant experience with information security processes, concepts, principles, and methodologies.
•Significant experience with security operations, engineering, and/or architecture.
•Expert knowledge of CIS, NIST, ISO 27001/27002, PCI DSS, and other Information security requirements and frameworks.
•Advanced knowledge of Agile processes and methodologies.
•Significant experience working with information security concepts, principles, technologies, and methods, and translating best practices in information security to operations in a risk management framework.
•Expert knowledge of information technology systems, processes, and application development.
•Expert organizational, planning and time management skills.
•Expert research, analytical, and problem-solving skills.
•Expert skill developing and implementing programs in a leadership role.
•Expert skill building effective relationships with all levels of staff, management, stakeholders, and vendors, through rapport, trust, diplomacy, and tact.
•Experience working with internal audit and external examiners.
•Significant experience collaborating across organizational boundaries and building partnerships across functions.
•Expert skill to influence, negotiate and persuade to reach agreeable exchange and positive outcomes.
•Advanced skill exercising initiative and using good judgment to make sound decisions.
•Advanced verbal, written, interpersonal, and presentation skills to communicate clearly and concisely technical and non-technical information to all levels of management.
•Experience with SaaS and Cloud technologies like Docker, GO Lang, Python, Terraform, and AWS technologies like DDB, Lambda, ECS.
•Experience with web application technologies including HTTP, HTML, PHP, CSS, JavaScript, and modern web frameworks like React.
•Experience with DevOps, continuous integration, and continuous deployment practices.
•Solid understanding of Microservices architecture and distributed systems.
•Knowledge of Networking (WAN, SDWAN), routing/switching, L3/L4, TCP/IP.
Job Duties
•Supervise and manage the day-to-day activities and operations of a remote SOC environment consisting of Managed Security Service Providers (MSSP) and core IT Security team.
•Manage and mentor a team of security analysts. This includes responsibility of career development and growth of direct reports.
•Provide feedback, growth opportunities, and align resources where most appropriate for the team under your purview.
•Report to senior Security management regarding Security posture and the status of third-party remediation efforts to address third party control gaps and resolve areas of noncompliance.
•Present analytical findings, recommendations and proposed changes to senior leadership.
•Assist in the development of people, process and technology.
•Perform supervisory/managerial responsibilities: ensure adequate/skilled staffing; select employees; establish performance goals and priorities; prepare, conduct, and review performance appraisals; develop, mentor, and counsel’s staff; provide input and/or prepares budget requirements for Annual Financial Plan (AFP); ensure section/branch goals and objectives align with division/department strategy; and ensure efficiency of operations.
•Direct communication and information sharing with internal business units.
•Create and evangelize a world-class partnership program with all other teams to guarantee success of the organization.
•Build close relationships with other leaders in the IT organization and beyond to expand and enhance the voice of IS in all areas of execution.
•Build and extend relationships with third party service providers to ensure we are strategically choosing where to build internal competencies and where to engage others.
•Collaborate and build relationships with Internal and partner organization Procurement & Vendor Management and business units.
•Collaborate with leadership of other Information Security teams to ensure coordination and alignment with Information Security’s strategic direction.
•Own the Incident Response function including: maintain accurate records of investigations and incidents for future audits and customer inquiries; serve as an incident commander during security events.
•Establish and monitor program performance metrics for assigned functional area(s), determine gaps in performance for improvements and recommend/implement changes to improve operations.
•Lead incident management planning efforts, including tabletop exercises and development of contingency partners.
•Provide support for complex computer network exploitation and defense techniques to include deterring, identifying, and investigating computer and network intrusions.
•Coordinate with extended staff to monitor all operations, networks and infrastructure for security issues and investigate incidents as needed.
•Drive lessons learned and remediation activities throughout the security operations team/extended team. Recommend security enhancements to management.
•Manage development and implementation of information system security policies, practices and standards.
•Work cross-functionally to ensure up-to-date and impactful IS awareness and training initiatives are delivering results.
•Plan, identify, develop and manage the analysis of enterprise information security risk exposure associated with current and new third-party engagements.
•Ensure compliance with all regulatory agency regulations and applicable federal, state, and local laws.
•Manage and groom a forward-looking roadmap of initiatives as well as a reactive list of enumerated vulnerabilities to negotiate remediation plans with IT and line-of-business leaders.
•Ensure any direct reports understand and apply our Customer Commitment and customer service standards to their daily responsibilities as appropriate.
•Model Allegiant’s customer service standards in personal actions and when providing leadership direction.
•Other duties as assigned.
Physical Requirements
The Physical Demands and Work Environment described here are a representative of those that must be met by a Team Member to successfully perform the essential functions of the role. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the role.
Office - While performing the duties of this job, the Team Member is regularly required to stand, sit, talk, hear, see, reach, stoop, kneel, and use hands and fingers to operate a computer, key board, printer, and phone. May be required to lift, push, pull, or carry up to 20 lbs. May be required to work various shifts/days in a 24-hour situation. Regular attendance is a requirement of the role. Exposure to moderate noise (i.e. business office with computers, phones, printers, and foot traffic), temperature and light fluctuations. Ability to work in a confined area as well as the ability to sit at a computer terminal for an extended period of time. Some travel may be a requirement of the role.
Essential Services Provider
Allegiant as a national air carrier is deemed an essential service provider during declared national and state emergencies. Team Members will be required to report to their assigned trip or work location during national and state emergencies unless prohibited by local, state or federal order.
EEO Statement
Equal Opportunity Employer: Disability/Veteran
For more information, see https://allegiantair.jobs
People of color, women, LGBTQIA+, immigrants, veterans and persons with disabilities are encouraged to apply.
Annual Salary Range: $109,88 - $138,100
Full Time Benefits:
Profit Sharing
Medical/Dental/Vision/Life/ Disability Insurance
401K with an employer match
Employee Stock Purchase Plan
Employee Assistance Program
Tuition Reimbursement
Flight Benefits
Paid vacation, holidays and sick time
Part Time Benefits:
Profit Sharing
Medical/Dental/Vision/Life/ Disability Insurance
401K with an employer match
Employee Stock Purchase Plan
Employee Assistance Program
Tuition Reimbursement
Flight Benefits
Sick time
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided