Manager of IS Security

CIBER, Inc. provides information technology consulting services to private and public companies as well as to local, state, and federal government entities. CIBER was recently ranked the eighth best global IT outsourcing vendor of more than 4,000 vendors worldwide, and the 12th best overall outsourcing vendor worldwide, according to a June 2007 Brown-Wilson Group survey. The Brown-Wilson Group conducts annual surveys of CEOs, CFOs, CIOs, and other business decision-makers at Fortune 2000 organizations to understand users' evaluations of global outsourcing service providers.  CIBER, Inc. helps clients achieve their business goals by building, integrating and supporting mission-critical applications and systems for optimized quality, increased business value, faster time-to-market and reduced total cost of operations. Job Description: Develops, implements, maintains, and enforces information protection, information security, corporate policies, standards, and practices throughout the company  Manages the Information Security (IS) staff and functions in Information Services, assuring effective administration of security activities Develops and provides recommendations to management for overall information protection architecture and program for the Company Develops and implements employee training and awareness programs for information protection and security Partners with the Information Services Review Board and PNM Audit Services personnel to ensure information protection issues for corporate data, systems, networks, and other information assets are addressed to the satisfaction of all entities Develops effective working relationships with mid- and senior-level management of the various business units throughout the company to obtain support and acceptance of security policies and practices, and develop support for policy enforcement Manages and reports regularly on all IS projects and activities Works closely with Security Administrators and Technical staff for various systems and networks to ensure that adequate preventive and detection controls are in place Provides coordination and guidance to any decentralized or application security administration functions Assists in contingency planning and testing on a regular basis to ensure company information assets are recoverable and protected Manages the BTS work involved in all internal and external security-related audits involving systems, networks, and data Participates with internal departments in risk assessment activities and new software development projects to ensure data security Accesses control and business recovery procedures inherent in all new information technology implementations Project Info: Manages an information security staff that is responsible for day-to-day security administrative functions, analysis, and monitoring.  Coordinates and works closely with all system and application security administrators throughout the Company to ensure policies and standards are followed.  May not be directly responsible for an employee, but must develop working relationships and influence the work in order to implement security processes. In-depth management, negotiation, technical skills, and demonstrated leadership and customer service skills Understanding of and ability to relate business requirements and risks to technology implementation for security related issues Excellent skills in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology Demonstrated skills in personnel management, budget management, and conflict management Ability to stand firm on issues yet be flexible and creative when working with customers to find effective solutions Ability to organize, create, and deliver technical proposals and presentations to peers and management Ability to understand and interpret laws and regulatory requirements related to information protection, and develop and implement appropriate processes to keep the Company in compliance and reduce legal liabilities Skills Required: In-depth knowledge and experience with mainframe and client/server applications and information security issues In-depth knowledge of Microsoft NT Advanced Server and UNIX security functionality Working knowledge of ACF2 security software. Working knowledge of database product security technology, specifically Oracle and DB2 and generalCertified IS Auditor Cert Info Sys Security ProfCome join our team, leverage our 33 years of experience around delivering projects and advance your career with CIBER by submitting your resume to Jeff Dean at jdean@ciber.com or call directly at 972-831-3307. CIBER is an EOE Location: Albuquerque, uq 87101 Status: Full Time, Employee Job Category: IT/Software Development Company: CIBER, Inc.