Security & IT Program Manager

RESPONSIBILITIES:

• Analyze existing Security, GRC, and IT operations processes to identify areas of opportunity.
• Collaborate with users and departments to understand needs, document requirements, and develop security controls.
• Develop and implement process improvements that enhance efficiency, reduce risk, and improve compliance.
• Develop and maintain documentation for security and IT operations processes, policies, and procedures.
• Manage security and IT operations projects from initiation to closure, ensuring timely delivery and adherence to project goals.
• Develop project plans, timelines, and resource requirements.
• Track project progress, identify risks, and implement mitigation strategies.
• Ensure compliance with relevant security and industry regulations, standards, and frameworks (e.g., ISO 27001, GDPR).
• Develop and implement policies and procedures related to new hires, employee terminations, and transfers, ensuring that all IT & Security requirements are met and compliance is maintained. Continuously review and update these processes to address evolving risks and regulatory changes.
• Oversee the implementation and effectiveness of security awareness training programs, ensuring that all employees are adequately trained and aware of their security responsibilities.
• Monitor compliance activities and identify areas for improvement.
• Coordinate with relevant stakeholders to plan and execute regular risk assessments
• Enhance and maintain a comprehensive risk register, including the identification, assessment, prioritization, and tracking of risks.
• Manage vulnerability remediation, including coordinating and tracking efforts to remediate identified vulnerabilities, ensuring timely and effective resolution.
• Enhance process for reviewing and approving or rejecting proposed risk mitigation or exception requests, ensuring that they align with the organization’s risk tolerance and compliance requirements.
• Develop and deliver regular executive reports on the security and IT operations program’s performance, key metrics, and risk assessments.
• Provide insights and recommendations to senior leadership based on data analysis and industry trends.
• Manage relationships with third-party IT & Security vendors to ensure effective delivery of services and alignment with organizational needs.
• Develop deep knowledge of privacy and security obligations, processes, best practices, and solutions utilized across the organization. Leverage this knowledge to drive requirements and process improvements.

QUALIFICATIONS:

• 3+ years of experience in Security, Compliance, or IT operations with a strong focus on process improvement and project management.
• Proven track record of successfully managing complex projects and delivering results in a fast-paced environment.
• Demonstrated experience in developing and implementing procedures and standards.
• Track record of successfully managing high-priority projects and delivering results in a fast-paced environment.
• Knowledge of frameworks such as ISO 27001, NIST Cybersecurity Framework, or GDPR preferred.
• Certifications such as Project Management Professional (PMP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA) are preferred but not required.