Liaison offers the following:
A place to work with fun, smart, collaborative and driven people. Liaison is unique in that we are an established and stable company but have that fast-paced energy and feel of a start-up. Our SaaS-based admissions management, enrollment marketing and analytics software and services help millions of students take the next step in their academic career and are utilized by over 5,000 academic programs!
Liaison International is seeking a highly talented Information Security Manager who will be responsible for overseeing the Information Security Office (ISO), and management of all aspects of the Enterprise Information Security Program (EISP), including: on-premise and cloud-based infrastructure, software development, databases, desktop applications, compliance, vulnerability/risk management, and security awareness training. This role requires an analytical thinker with strong management and communication skills to develop and maintain a robust information security program that continuously seeks to improve the protection of company data and assets.
- Develop, maintain, and manage information security program including all related policies, processes, and procedures
- Establish and lead the Information Security Office (ISO), and manage security projects across the different teams
- Evaluate and implement new technologies to improve overall security posture
- Manage and assess all current and future compliance obligations (e.g., PCI-DSS, FERPA, GDPR, State and Federal regulations)
- Ensure that existing security controls adhere to commonly accepted frameworks such as NIST, ISO 27001, OWASP, CIS, COBIT, etc.
- Facilitate cross-team communication to identify and remediate any security gaps, as well as improve upon existing processes and protocols
- Proactively monitor systems for signs of compromise or breaches and lead incident response efforts for mitigation and containment
- Act as point person for all security questionnaires and audits and coordinate with the various teams for timely completion
- Administer ongoing cyber security awareness program for all company employees and contractors
- Perform regular internal audits of security controls, processes, and procedures to ensure they are functional, sufficient, and align with the expectations of the business
- Work with contractors and vendors to verify that their practices and systems adhere to Liaison’s security standards
- Govern vulnerability and risk assessment programs, and spearhead all internal/external assessments (vulnerability, compliance, penetration testing, etc.)
- Review, create, and update network and data flow diagrams as they pertain to information security
- Maintain the fulfillment of all legal and contractual obligations as they pertain to information security and privacy
- Design and direct system hardening and access control requirements
- Help coordinate schedule for systems upgrades and patching
- Keep current on emerging security threats and trends
- Manage the information security budget
- Provide guidance on cybersecurity best practices to the teams and management
- Develop reports and presentations for Executive Management focused on compliance, auditing, vulnerability, risk, and security matters
- Bachelor’s degree in Computer Science, Information Technology, or a related field
- Minimum of seven years of information security experience, with a minimum of two in a management role
- Advanced knowledge of commonly accepted information security frameworks such as NIST, ISO 27001, and OWASP and experience implementing them in an Enterprise environment
- At least one of the following certifications: CISSP, CISM, CCSP, CISA
- Experience with PCI-DSS compliance obligations
- Strong understanding of networking concepts and protocols (BGP, TCP, NAT, ACL, etc.)
- Strong understanding of both Windows and Linux systems
- Experience with both vulnerability and risk management