Manager, Information Security
Job Summary: The Information Security Manager provides security technology leadership and support while managing and implementing the Cybersecurity Program through key strategies, technologies, processes, and procedures that align with Great Wolf’s security needs and objectives. Partner with lines of business to respond to evolving business requirements and emerging threats. Leverage knowledge of today's ever-changing cybersecurity and risk landscape to influence IT operations across the company. Responsibilities include offering guidance, best practices, and support across businesses, managing risk reviews and vulnerability assessments, identifying threats, communicating with stakeholders, and managing budgets
- Provides management and direction to Great Wolf cybersecurity platform stack, policies, processes, and procedures for our rapidly growing organization
- Manage the strategic approach and processes for information security and PCI compliance programs through the NIST maturity model
- Assist with the implementation of security awareness training strategy to provide consistent, information security and PCI compliance training across all Great Wolf locations
- Responsible for performing 3rd party risk assessment and vulnerability mitigation programs.
- Manage 3rd party security partner service delivery to maintain and enhance Great Wolf security posture
- Lead functional staff operating the EDR service and ensure integration in the overall detection and response process
- Facilitate information gathering, requirements analysis and design standards that support actionable PAM / IAM strategies as well as functional requirements for PAM / IAM solution implementation.
- Assist with the day-to-day management of network and end-user security solutions
- Manage and deliver a complete lifecycle of vulnerability management and remediation concepts and activities.
- Provide support with respect to requirements gathering, project management and delivery of cybersecurity services
- Bachelor’s degree; STEM (science, technology, engineering, or mathematics) preferred
- A minimum of 7 years of experience in technology, network management, and information security
- 3+ years of experience in vendor management
- Certified Information Systems Security Professional (CISSP) certification
- Deep knowledge and experience with Cisco networks and security platforms (certification preferred)
- Experience with modern information security software, including management of end point protection
- Experience performing IT/IS security risk assessments, audits, and security incident investigations
- Experience with the application of infrastructure and network high-availability and resiliency architectures
- Proficiency in cybersecurity domains, including policies and standards, access controls, technology resiliency, incident management, secure systems development lifecycle, vulnerability management, and data protection
- Proven ability to collaborate with high-performing teams and individuals throughout the business to accomplish common goals
- Excellent communication, organization, and presentation skills
- Ability to effectively communicate complex concepts across all levels of management
- Lift up to 20 lbs., sit and/or stand long periods.