Security and Compliance Manager

Responsibilities

• Develop, implement, and manage comprehensive security and privacy compliance programs.
• Stay current with relevant laws, regulations, and industry standards, ensuring the organization's adherence to applicable requirements.
• Conduct regular compliance assessments and audits, addressing any identified gaps or non-compliance issues.
• Identify, assess, and prioritize information security risks.
• Collaborate with stakeholders to develop and implement risk mitigation strategies.
• Conduct regular risk assessments and provide recommendations for risk reduction.
• Design and implement security architecture and controls that align with industry frameworks.
• Oversee and continuously improve security tool efficacy.
• Design and implement a robust vulnerability management program.
• Conduct regular vulnerability assessments, analyze results, and coordinate remediation efforts.
• Stay informed about emerging threats and vulnerabilities, ensuring timely and effective response measures.
• Develop and maintain responsive security operations that deliver comprehensive monitoring, advanced detection capabilities, and high-fidelity alerting.
• Oversee day-to-day security operations, including incident response, threat detection, identity and access management, and monitoring.
• Lead the development and implementation of security policies, standards, and procedures.
• Lead incident response exercises to continually fine tune procedures.
• Collaborate with IT and other departments to integrate security measures into the organization's infrastructure and processes.
• Utilize a continuous improvement process for all security related systems, toolsets, services, and procedures to ensure that everything is meeting business needs.
• Develop and enforce data governance policies and procedures.
• Develop and implement safeguards to monitor the use of artificial intelligence.
• Regularly audit data to ensure that policies are properly implemented and utilized.
• Ensure data access controls and encryption are deployed appropriately.
• Provide leadership and guidance to the security team, fostering a culture of continuous improvement and innovation.
• Mentor junior team members and facilitate knowledge sharing within the team.
• Collaborate with other departments to promote a security-aware culture throughout the organization.

Required Knowledge, Skills, and Abilities

• Bachelor’s degree in computer science, programming, information security, or a related field preferred. Equivalent work experience or certifications may be considered.
• 7 – 9 years of experience in risk, compliance, and information security policy development
• Team mentoring or leadership experience.
• Demonstrated problem-solving and analytical skills.
• Proficient, or able to gain proficiency with, a broad array of security software applications and tools.
• Thorough understanding of computer-related security systems including firewalls, encryption, and password protection and authentication.
• Strong interpersonal skills and the ability to effectively communicate with a wide range of individuals and constituencies in a diverse community.
• Knowledge of IT processes and controls and strong understanding of risk and control frameworks such as (ISO, NIST, ITIL, PCI).
• Strong working knowledge of information security regulatory requirements and standards such as ISO 27001.
• Ability to ensure standards and parameters for any systems on the company network are correct and current.
• Experience with Microsoft Intune, vulnerability assessment solutions, and patch management software.
• Experience with Microsoft, Cisco, and general security solutions.
• Experience with Microsoft PowerShell and/or scripting tools.
• Excellent verbal and written communication skills.
• Organized with attention to detail.
• Certified Information Systems Security Professional (CISSP) Certification.

Benefits - You'll love working at NRI not just for the usual benefits, but for our environment and culture!

• You'll work with a great group of people in a highly collaborative team and results oriented atmosphere
• You'll have the opportunity to work in a dynamic and extremely positive environment where there is always the opportunity to challenge your skills and really move the needle
• You’ll work with large, sophisticated, and progressive clients throughout North America
• We provide a comprehensive benefits program including: $0 Healthcare option, company contribution to Health Savings Account with enrollment in a qualifying plan, 401(k) plus company match, Professional Development funds, Flexible Time Off (FTO) plus 11 company holidays, 4 weeks Parental/Caregiver Leave, company paid family building/fertility benefits through Progyny, Dental and Vision Insurance, and company paid Life/AD&D, short term and long term disability insurance.

Notices