• Develops, implements, and monitors a strategic, comprehensive enterprise information security and IT risk management program.
• Participates in a committee that brings together key security and risk stakeholders to provide overview and status of the Security Program, develops and reviews enterprise security and risk strategies.
• Develops and enhances an information security management and IT risk framework.
• Coordinates with technology and business groups to assess, remediate, and monitor IT-related security risks.
• Understands the trade-offs required to manage the different levels of information security risk tolerance and risk exposure across the organization and balance this with risk investments.
• Reports security performance against established security metrics and service level agreements.
• Evaluates documented resolutions and analyzes trends for ways to prevent future problems.
• Develops, disseminates, and enforces policies, standards and procedures.
• Manages 3rd party Security vendor relationships and vendor platforms.
• Creates, executes and maintains an information security awareness and training program for all team members, contractors and approved system users.
• Monitors regulatory compliance with enterprise security policies and educates business unit leaders on compliance efforts.
• Leads security training and communicates policies.
• Ensures all staff members receive orientation and appropriate training in accordance with organizational standards.
• Liaises with other managers to ensure the effective and efficient delivery of services among various activities to increase effectiveness and efficiency.
• Communicates with clients and other stakeholders to gain community support for projects and solicits input to improve the team.
• Provides daily direction to IT team. Communicates Mission, Values and other organization operating principles to direct and indirect reports.
• Establishes and maintains the overall work cadence and, in partnership with IT Leadership, ensures performance and outcomes strive for excellence in delivery and customer experience. Ensures that the entire assigned IT team is engaged and that leadership practices for the department encourage development, recognition and retention.
• Executes the human resources policies, procedures, and practices of the organization. Ensures that personnel files are properly maintained and kept confidential.
• Establishes and holds team accountable to and adheres to hiring criteria, on-boarding and training requirements for incoming staff.
• Oversees the performance management and development process for the assigned IT team members and performs performance management duties, development planning and coaching for direct reports.
• Acts as a resource for assigned IT team members to answer questions and solve complex problems.
• Manages assigned IT budget, technology and other resources, workload and customer requests for IT services. Ensures adherence to all Company policies and procedures and Compliance responsibilities.
• Ensures data quality, adherence to IT security guidelines, profitability and other risk-related metrics for self and members of the team.

​

Supervisory Responsibilities

• Directly supervises information Security managers and project managers/scrum masters and other IT team members and carries out supervisory responsibilities in accordance with company policies and applicable laws. These responsibilities include interviewing, hiring, and training employees; planning, assigning, and directing work; conducting performance and salary reviews; rewarding and disciplining employees; addressing complaints and resolving problems; coaching, mentoring, and developing team members to further their skills and knowledge; creating and monitoring development plans; setting performance expectations/goals; forecasting staffing needs and planning for peak times and absences; enforcing department policies and procedures.

Required Qualifications

• Bachelor of Science degree required in Business, Computer Science, Applied Mathematics, Engineering, or related field.
• Minimum 10 years of general IT-related job experience; or equivalent combination of education and experience.
• Minimum 5 years managing and leading related IT and information security team.
• Experience in cyber security with working knowledge of data analysis, risk assessment and mitigation, investigation methods, incident management concepts and practices, with background in intrusion detection and forensic analysis.

​

Preferred Qualifications

• CISSP, CISM, CISA, CCISO professional certifications.

We are currently not offering employment sponsorship for this opportunity.

​

Why Join ICW Group?

• Challenging work and the ability to make a difference
• You will have a voice and feel a sense of belonging
• We offer a competitive benefits package, with generous medical, dental, and vision plans as well as 401K retirement plans and company match
• Bonus potential for all positions
• Paid Time Off with an accrual rate of 5.23 hours per pay period (equal to 17 days per year)
• 11 paid holidays throughout the calendar year
• Want to continue learning? We’ll support you 100%

​

ICW Group is committed to creating a diverse environment and is proud to be an Equal Opportunity Employer. ICW Group will not discriminate against an applicant or employee on the basis of race, color, religion, national origin, ancestry, sex/gender, age, physical or mental disability, military or veteran status, genetic information, sexual orientation, gender identity, gender expression, marital status, or any other characteristic protected by applicable federal, state or local law.

​

Work Environment

This position operates in an office environment and requires the frequent use of a computer, telephone, copier, and other standard office equipment.

​

The current range for this position is $160,745.90 - $287,738.43. This range is exclusive of fringe benefits and potential bonuses. If hired at ICW Group, your final base salary compensation will be determined by factors unique to each candidate, including experience, education and the location of the role and considers employees performing substantially similar work.