The Information Systems (IS) Security Manager develops and manages information systems, cyber-security, including disaster recovery, database protection, and software development. Ensures that all applications are functional and secure. Maintains information security standards, best practices, architecture, and systems to ensure information system security.
- Directs ongoing risk assessment programs for all new and existing systems, and understands organizational goals and processes to develop effective controls for a strong security posture.
- Oversees all activities related to developing, implementing, reviewing, and maintaining company-wide information security policies and procedures.
- Reviews vulnerability and web application scans, ensuring that cyber-security inspections, tests, and reviews are coordinated for the network.
- Documents initiatives related to System Security Plans, Risk Assessment Plans, Continuity of Operations Plans, Incident Response Plans, and Security Test and Evaluation standards.
- Reviews and recommends the installation, modification, or replacement of hardware or software components and any configuration change(s) that affects security.
- Ensures vulnerabilities are managed using direct periodic tests of critical systems and applications.
- Develops security awareness training and education programs and presents them to staff.
- Evaluates security incidents and determines the response(s) needed.
- Ensures a record is maintained of all security vulnerabilities.
- Conducts independent risk assessment of the information security and information technology programs.
- Provides updates, reports, and recommendations regarding standard methodology for information security and information technology controls, risk assessment, and risk remediation strategies.
- Promotes awareness of security issues and ensures sound security principles are utilized.
- Performs other duties as required.
- 5 years of Information Systems Security management experience with supervisory responsibilities.
- Bachelor’s Degree in Information Technology, Computer Science, Information Systems, or related field required. Master’s Degree preferred.
- Certified Information Systems Security Professional (CISSP) certification or Certified Information Security Manager (CISM) certification preferred.
- Experience developing security documentation such as Business Continuity Plan (BCP), Business Impact Analysis (BIA), Disaster Recovery Plans (DRP), and other system plans.
- Experience with Red Hat Enterprise Linux (RHEL) and Windows Operating Systems.
Indian Preference and Equal Employment Opportunity
SCAHC gives preference in hiring to San Carlos Apache Tribal members and other Native Americans in accordance with the San Carlos Apache Tribe’s Tribal Preference Policy, as set forth in Section 402 of the Tribe’s Human Resources Department Policies and Procedures Manual. Otherwise, SCAHC does not discriminate in any way to deprive any person of employment opportunities or otherwise adversely affect him/her because of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, citizenship, veteran status, military or uniformed services, in accordance with all applicable governmental laws and regulations. In addition, SCAHC complies with all applicable federal and Tribal laws governing nondiscrimination in employment.