Information Security Manager
Position Purpose: This position will be responsible to perform a variety of Information Security responsibilities across Ascensus and as the primary resource for Ascensus Retirement TPA (Third Party Administrator) acquisitions. The individual hired for this position requires a passion for data protection, solid information security experience, strong communication and organizational skills, collaborative abilities, self-motivation, innovation, efficiency and attention to detail. This position will report directly to the Ascensus VP of Information Security & Compliance.
Essential Duties and Responsibilities:
- Supporting the Ascensus TPA group within the Retirement Division on all corporate and business related security needs:
- Serve as Subject Matter Expert (SME) on the corporate security function for the TPA Business
- Guiding teams on implementing information security best practices
- Provide business unit security and compliance reporting within Retirement
- Assisting in acquisition due diligence, integration and post integration projects
- Supporting Ascensus corporate security initiatives
- Leading our vulnerability management program
- IT Compliance efforts and reporting
- Assisting with the development and management of policies and procedures
- Assisting with vendor compliance efforts
- Assisting in security monitoring and alerting
- Assessing and selecting security vendors or solutions based on project requirements
- Maintain and communicate knowledge of industry and new security technologies
- Identify emerging vulnerabilities and evaluate associated risks
- Assisting in incident response events
- Assisting in controls framework management
- Support internal and external audits including SOC, regulatory audits, or client intiated
- Assisting with internal risk assessments
- Assessing the viability and integrity of Disaster Recovery and Business Continuity plans
- Partner with internal teams as needed
- Assisting with other corporate IT security and compliance initiatives
- Participating, contributing, and collaborating with peers
- Developing, implementing, and enhancing security awareness training content
- Responsible for protecting, securing, and proper handling of all confidential data held by Ascensus to ensure against unauthorized access, improper transmission, and/or unapproved disclosure of information that could result in harm to Ascensus or our clients.
- The I-Client philosophy and the Core Values of People Matter, Quality First and Integrity Always® should be visible in your actions on a day to day basis showing your support of our organizational culture.
- Knowledge of information security risks (technical, administrative and physical), preventative measures, and incident management.
- Ability to identify, document, and recommend action on security and compliance findings.
- Familiarity with security & privacy regulations/frameworks such as NIST, GLBA, etc.
- Excellent written and oral communication skills. The ability to communicate effectively (clear, concise and professionally) with all levels within Ascensus, auditors and business partners.
- Highly organized and able to process and manage inventories of controls and findings.
- Persistence and strength to champion initiatives.
- Excellent analytical and problem resolution skills.
- Self-starter and able to work independently on large projects.
- Desire to learn and develop new knowledge and skills quickly.
- Ability to facilitate meetings, obtain feedback and coordinate next steps.
- Ability to project manage.
- 4-6 years of experience in Information Security.
- Financial services industry experience preferred.
- IT Audit experience preferred.
- Knowledge of networking preferred.
- Expert level proficiency in MS Office software applications, specifically Word and Excel.
- Professional security certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials, is preferred.
- Bachelor’s degree or Associate’s degree plus equivalent work experience required.
We are proud to be an EEO employer M/F/D/V.
- Collaborative, idea-sharing environment
- Professional development
- In-house training
- Tuition reimbursement
- Generous reward programs
- Paid time off (additional purchase plan)
- Medical, dental & vision benefits
- Health savings account (employer contribution up to $1,100)
- 401(k) & 529 match programs
- Volunteer/charitable-giving programs
- Business casual dress