Information Security Manager

- Oversee the cybersecurity management of programs, organizations, systems, or enclaves - Acquire and manage resources, including leadership support and financial resources, to achieve IT security goals and minimize organizational risk - Advise senior management on risk levels and the organizations security stance - Conduct cost/benefit analysis for information security programs, policies, and systems - Ensure necessary changes affecting the cybersecurity posture are communicated to senior leadership - Collect and maintain data for cybersecurity reporting - Communicate the importance of IT security to all organizational stakeholders - Collaborate with stakeholders to establish enterprise continuity operations and ensure program efficacy - Evaluate and implement security improvement measures as necessary - Coordinate cybersecurity inspections and reviews for the network environment - Integrate cybersecurity requirements into continuity planning - Establish enterprise information security architecture aligned with organizational strategy - Assess development efforts to ensure security safeguards are effectively implemented - Analyze economic factors and risks in decision-making processes - Explore alternative information security strategies to fulfill organizational security aims - Interface with external organizations for accurate dissemination of incident information - Interpret security requirements based on new technologies - Analyze noncompliance patterns to assess risks and overall cybersecurity effectiveness - Align IT security priorities with the overarching security strategy - Manage information security budget, staffing, and contract obligations - Monitor cybersecurity data to maintain situational awareness for the organization - Publish Computer Network Defense guidance for enterprise stakeholders - Manage the analysis and production of threat information - Evaluate the efficiency of cybersecurity safeguards in place - Oversee the information security training and awareness initiatives - Participate in security risk assessments during Security Assessment and Authorization - Prepare and maintain plans and standard operating procedures for network security - Provide cybersecurity and supply chain risk management guidance for business continuity plans - Lead IT personnel by promoting cybersecurity awareness and training according to their roles - Employ techniques for detecting intrusions using relevant technologies - Integrate information security requirements into the acquisition process, ensuring robust practices are established