applicants
Security Manager
at
The BCI Group
in Duluth
C2-11
Atlanta SchoolAtlanta Public Schools
JOB DESCRIPTION
Position Title: IT SECURITY MANAGER
Division: INFORMATION TECHNOLOGY
(IT Policy and Governance)
Grade: IT5
Annual
(Exempt)
POSITION SUMMARY
Job Function- Manages and coordinates information security staff and activities throughout Atlanta Public School
District). Information Security manager is in charge of the Information Security Management function, providing line
management, leadership and strategic direction for the function and liaising closely with other managers.
Level Characteristics: Coordinate and oversee Atlanta Public School’s information technology infrastructure
security program, including developing, implementing and monitoring infrastructure security tools and processes for
IT assets on the APS Network in order to maintain a secure computing platform.
Relationships: Reports to the Executive Director of Policy and Governance.
KEY RESPONSIBILITIES
% OF
TIME
Leads the design, implementation, operation and maintenance of the Information Security Management
System based on an industry standard. 20%
Forms a consulting function for information security management such as offering internal management
consultancy advice and practical assistance on information security risk and control matters throughout the
organization. This will include an emphasis on promoting the commercial advantages of managing
information security risks more efficiently and effectively. (Right size security). 20%
Leads or facilitates the preparation and implementation of necessary information security policies,
standards, procedures and guidelines. 5%
Leads the design and operation of related compliance monitoring and improvement activities to ensure
compliance both with internal security policies etc. and applicable laws and regulations. 5%
Leads or facilitates suitable information security awareness, training, educational activities, security risk
assessments, controls selection activities and value add security monitoring solutions, processes and
metrics. 5%
• Manages implementation of Information Security program efforts, including:
• Development of security strategy, project planning and execution.
• Establishing cost-efficient risk based information security services and solutions that effectively
manage risks to the business.
• Managing 3rd-party vendors.
• Designing and conducting security assessments or audits.
• Establishing business centric Information security metrics.
• Defining, implementing and managing security policy, standards and procedures.
• Vendor selection and negotiation for information security related solutions.
• Managing incident response and incident management.
• Vulnerability Management program development and operations.
• Security Architecture review and design.
• File Integrity Monitoring
• Vulnerability & Threat Detection & Prevention (Qualys, Nessus, NetStumbler, Symantec, IDS/IPS)
• Network, application and host based security products 45%
C2-11
Position TitlePosition Title: IT SECURITY MANAGER
KEY JOB REQUIREMENTS
Formal Education:
Bachelor’s Degree required or equivalent combination of education and work
experience. MBA preferred.
Work Experience:
5-7 years of work experience in information security management and/or related
functions (such as IT audit and IT Risk Management).
Typically a background in technical IT roles such as IT architecture, development
or operations, with a clear and abiding interest in information security.
Prior compliance program experience, particularly PCI DSS.
Experience creating policies, standards, process and procedure development and
maintenance.
Project Management experience
Impact of Actions:
Makes decisions and final recommendations which routinely affect the activities of
others.
Certifications/Licenses:
CISSP, CISM, GSEC, GIAC (Security) and CIPP (Privacy) certifications are
strongly desired
Member of various Information Security organizations (e.g., ISSA, IAPP, etc.) is
preferred.
Decision Making:
Analytical: Supervisor is available to review established broad objectives;
independent judgement is required.
Internal Communication:
Requires regular contact to discuss issues of moderate importance; requires
continuing contact with officials at higher levels.
External Communication:
Requires regular contact to discuss issues of moderate importance; requires
continuing contact with officials at higher levels.
Managerial Skills: Responsible for supervising/ making recommendations within a department.
Technology Application:
Applies, recommends, and implements advanced technology concepts to improve
the efficiency and effectiveness of multiple divisions.
Responsibility for the welfare
of others: Continually
C2-11
Position TitlePosition Title: IT SECURITY MANAGER
WORKING CONDITIONS
Knowledge of the following:
• Knowledge of ISO27001:2 COBIT Information Security
best practices.
Skills in the following:
• Creating policies, standards, process and procedure
development and maintenance.
Abilities in the following:
• Ability to communicate how IT risks and threats directly
impact the business.
PHYSICAL EFFORT
Typically sitting at a desk or table
Sitting, stooping, reaching, lifting, walking,
hearing/listening, seeing/observing.
==============
My contact information is:
Company: The BCI Group
James Smith
Partner
Phone: 404-987-0556
Email: jsmith@thebcigroup.com
Web site: www.thebcigroup.com
About The BCI Group:
The BCI Group
Recent jobs at The BCI Group
Data Architect at The BCI Group in Duluth
24-07-2011
Microsoft Solutions Architect at The BCI Group in Duluth
24-07-2011
Network Administrator-Email Collaboration Specialist at The BCI Group in Duluth
24-07-2011
Network Administrator-Infrastructure Analyst at The BCI Group in Duluth
24-07-2011
Network Administrator-Wireless Specialist at The BCI Group in Duluth
24-07-2011
Viewed: 30 times