As part of the Church Mutual team, you'll work with some of the most experienced and knowledgeable people in the industry and achieve your own growth and career satisfaction while finding fulfillment in serving those who serve others. We foster a workplace where all employees are treated with dignity and respect; diversity, inclusion and belonging are woven into the fabric of our company through our customers, employees, leadership, business relationships and outreach programs. Join us and Stand for Good.
The Information Security Manager position manages and ensures the effective use of assigned resources to provide optimal support of the information security program, and ensures that the information assets of the CM Group are adequately protected.
This position is responsible for identifying, evaluating, and reporting information security risks, ensuring CMG is maintaining compliance with regulatory requirements, operational support, service level management and budget management. Supervisory responsibilities include staffing, training and development, performance management, and workforce planning.
• Supervisor/Manager responsibilities may include all of the following:
• Staffing needs, to include interviewing and onboarding for new employees.
• Training and development, as well as coaching and motivation for staff.
• Performance Management, goal setting, employee engagement, and salary administration.
• Workforce management, including unit equipment, software, and space needs; approving time off and overtime usage; and budget recommendations.
• Manage and allocate resources to IT areas to ensure the achievement of business goals. Accountable for team service delivery performance and for the impact of the results on IT and the business. Communicate strategy and develop plans to foster a high level of staff engagement.
• Responsible for the effective acquisition, deployment, and integration of information technology solutions. Ensure effective deployment and flexibility in meeting changing business needs. Develop plans and completion criteria and coordinate efforts of team members, vendors, subcontractors, and CM Group personnel.
• Enable the organization's flexibility through effective leadership and direction. Ensure availability of technology resources with the appropriate knowledge and skills.
• Lead through collaboration, partnering, and clear decision making. Provide leadership and guidance to individual contributors.
• Maintain contact with senior IT management and communicate problem progress/status, risk management, and business satisfaction updates. Provide regular reporting on the current status of the information security program and significant incidents to senior IT management and the Board of Directors.
• Create and manage a targeted information security awareness training program for all employees, contractors, and approved system users, and establish metrics to measure the effectiveness of this security training program for the different audiences.
• Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services, including privacy, risk management, compliance, and business continuity management.
• Assist departments in fulfilling their information security requirements and assessing department-level compliance.
• Develop an information security vision and strategy that is aligned to organizational priorities and enables and facilitates the organization's business objectives, and ensure senior stakeholder buy-in and mandate.
• Oversee the approval and publication of information security policies and practices.
• Provide input for the IT section of the company's code of conduct.
• Work with the compliance staff to ensure that all information owned, collected, or controlled by or on behalf of the company is processed and stored in accordance with applicable laws and other global regulatory requirements, such as data privacy.
• Collaborate with Compliance on reporting and escalating security incidents; as necessary, lead security incident response efforts.
• Establish security metrics, tracking the progress of the Corporate Information Security Program, and coordinate with other corporate governance and risk entities.
• Establish and document information security standards in the PMLC and SDLC processes and provide appropriate review of projects to assess information security policies, practices, and guidelines.
• Oversee technology dependencies outside of direct organizational control. This includes reviewing contracts and the creation of alternatives for managing risk.
• Conduct vulnerability scanning, facilitate the vulnerability management process, and escalate as required for critical vulnerabilities and threats.
• Participate in department capital, expense, and compensation budgeting.
• Perform vendor negotiations, contract management, escalation, purchase request, and invoice verification.
• Bachelor's degree in related field (e.g., business, finance, or technical) or equivalent experience required.
• 1+ years IT organization experience required.
• 1+ years leadership/management experience required.
• Insurance industry experience preferred.
• Experience with contract and vendor negotiations.
• Professional security management certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or other similar credentials.
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework.
• Knowledge of SDLC methodologies.
• Knowledge of insurance industry.
• Knowledge of insurance IT systems.
• Knowledge of financial management.
• Knowledge of management techniques.
• Knowledge of business risk management.
• Strong knowledge around creating business value.
• Strong knowledge of MS Office tools.
• Strong ability to build trust.
• Strong ability to deliver capabilities.
• Strong ability to adapt.
• Ability to manage resources.
• Ability to manage vendors.
• Ability to delegate.
• Ability to lead/mentor less experienced staff.
• Strategic thinking and planning skills.
• Negotiation skills.
• Strong collaboration and partnering skills.
• Strong communication skills.
• Strong problem solving skills.
• Strong decision making skills.
• Strong systemic thinking skills.
• Strong leadership skills.
• Strong teamwork skills.
• Ability to learn CM Group IT systems, methodologies and processes, and policies, products, etc. associated with the business.
Church Mutual is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.
Exact compensation will vary based on consideration of a variety of factors including education, skills, experience, and location.