The IT Security Manager is a leadership position responsible for strategies, technologies, and solutions that protect customers, systems, and data in alignment with the policies and control framework. Collaborates with business partners in various departments to deliver secure solutions in a rapid-paced environment. Responsible for establishing targeted levels of service performance for security capabilities and services. Responsible for managing projects for continual process improvements relating to security and audit response and preparedness. The role requires technical competence and experience managing diverse teams. Additionally, the ability to quickly understand and adapt to complex environments. Business and interpersonal skills are essential to manage risk to the business, interface with other business units and develop team members.
Strongly prefer candidates with: • Experience with Identity & Access Management concepts, such as user lifecycle management (provisioning and de-provisioning), Identity Governance, Role/Attribute Based Access Control, and least-privileged access. • Experience with Agile Practices like Scrum, Kanban, CI/CD. • Experience with build/tooling such as Git, Stash, Jenkins, Jira, and Confluence • Experience leading a team according to Agile software development methodologies • Ability to lead a highly collaborative, dynamic, and cross-functional team of senior engineers and analyst • Demonstrated experience overseeing the implementation of DevOps tools, capabilities, and methods o Offer to selected candidate will be made contingent on the results of applicable background checks o Offer to selected candidate is contingent on signing a non-disclosure agreement for proprietary information, trade secrets, and inventions
Job Level Summary
Manages professional employees and/or supervisors.
Has accountability for the performance and results of a team within own area of specialty.
Adapts plans and priorities with urgency to address resource and operational challenges.
Decisions and problem solving are guided by policies, procedures and department plan; receives guidance from manager.
Provides technical guidance to employees, colleagues and/or customers.
Develop security strategies for existing and emerging business needs and maintain a security technology roadmap to deliver new capabilities.
Drive the selection, architecture and design, implementation and maintenance of the Company’s security technology.
Directs the research into emerging tools, techniques and methods for detecting and addressing evolving threats to enterprise digital assets.
Oversees the development and implementation of cyber security and information risk management capabilities, services, that support protect enterprise digital assets in accordance with enterprise policies and standards.
Establishes methodologies to provision users and provide identity access management duties within American Family enterprise. Ensures the methodologies address business needs and demonstrate compliance with federal mandates and industry standards.
Manages active monitoring of systems to identify anomalies and potential threats as they occur and takes actions to eliminate the threats.
Manages implementation of a methodology to measure and report current and future security vulnerabilities and establishes remediation plans.
Manages security assessments of systems and applications using penetration tests, ethical hacking tools and risk assessment/mediation methodologies to evaluate vulnerabilities.
Establishes, communicates, and implements departmental plans, objectives, and strategies.
Manages relationships with multiple stakeholders, understanding the business drivers and the future direction of the business. Provides information security architecture/systems engineering and security standards consulting to the business areas.
Manages direct reports, systems and projects to achieve department/unit goals in accordance with Company policies and practices.
Manages the budget, including continually seeking efficiencies and cost reductions.
Provides leadership by exhibiting influence and expertise, thus affecting the results of the area.
Develops staff through coaching, providing performance feedback, providing effective performance assessments and establishing performance & development plans.
Experience with Identity & Access Management concepts, such as user lifecycle management (provisioning and de-provisioning), Identity Governance, Role/Attribute Based Access Control, and least-privileged access.
Experience with Agile Practices like Scrum, Kanban, CI/CD.
Experience with build/tooling such as Git, Stash, Jenkins, Jira, and Confluence
Experience leading a team according to Agile software development methodologies
Ability to lead a highly collaborative, dynamic, and cross-functional team of senior engineers and analyst
Demonstrated experience overseeing the implementation of DevOps tools, capabilities, and methods
Ability to complete root-cause analysis on complex issues
Troubleshooting highly complex issues
Strong Knowledge of Risk and Compliance initiatives including PCI, SOX, HIPAA
Knowledge of the NIST Cyber Security Framework
Telecommuting is allowed.
Internal Number: R21442
About American Family Enterprise
At American Family Insurance, we know how hard our customers and employees work to achieve their dreams. That's why, for over 90 years, we have made it our mission to protect those dreams. It's all part of who we are and who we’ll always be… innovative, caring, agile, trustworthy, transparent and passionate. We are a strong, forward-looking company and a proven leader in our industry. And if you are looking to make a difference, we are looking for you.