Information Security Manager at K2 Intelligence
New York City, NY, US

K2 Intelligence is looking for an experienced information security and compliance manager. This role will manage governance and compliance activities and provide cybersecurity direction to internal and external clients. The individual will possess an in-depth knowledge of information security principles, with a focus on governance, policies and procedures, and controls, along with a working knowledge of regulatory requirements. The manager should have a high awareness of industry trends and the ability to efficiently communicate with staff at all levels, including leadership, management, and engineers. 

 

Responsibilities:

  • Manage the internal information security governance program.
  • Guide and collaborate with information security incident analysis and response teams.
  • Identify, track, and periodically communicate risks to relevant target audiences.
  • Lead in the administration of business continuity and disaster recovery plans.
  • Define and document information security standards and practices.
  • Advocate for information security policies, procedures, and standards within the firm.
  • Ensure information security practices align with regulatory requirements.
  • Assist with organizational compliance to corporate information security policies and standards.
  • Provide consulting-related services to clients; liaise with clients to identify information security risks, manage the mitigation process, and implement information security strategies, policies, and processes.
  • Participate in audits, risk assessments, or gap analyses; report on findings and corrective actions for internal teams and external parties.
  • Evaluate and assess emerging information security threats; interpret and respond to information security intelligence and incident reports, escalating issues to leadership as necessary.
  • Provide operational guidance—strategic and tactical—to internal and external parties.
  • Assist with information security requirements for new IT initiatives.
  • Prepare presentations and reports on information security trends.
  • Develop and report on information security metrics (KPIs).

Requirements:

  • Bachelor's degree in a computer science–related field.
  • Minimum four years’ experience in information security.
  • Working knowledge of information security standards such as ISO27001, PII, PCI, and DFS.
  • General understanding of risk-based assessment methodologies.
  • Experience auditing technical controls such as End Point Security, SIEM, and Vulnerability Management.
  • Conversational technical knowledge of networks, applications, operating systems, databases, etc.
  • Working knowledge of a variety of typical security products.
  • Experience managing team members, vendors, or consultants.
  • Excellent project management and organization skills.
  • Strong interpersonal and written/oral communication skills.
  • Ability to travel as required.
  • CISSP, CISM, CRISC, or CGEIT certifications highly preferred.

In order for us to manage your application effectively, please include in the subject line of your email your full name, the role you are applying for, and the location of the role.