Information Security Manager

Information Security Manager
Charlotte, NC

Red Ventures is both a marketing and a technology company. We are expanding both nationally and globally. We operate in a myriad of industries, each with unique compliance and legal needs. With an environment that presents unique and changing challenges, it’s with excitement that we begin our search for a talented, multi-faceted Information Security Manager who will work closely with our business, legal, security, and technology teams to identify, measure and report on technology risk. You will work to ensure compliance with US and International laws, rules, standards, and contractual obligations.

This is an ideal role for someone who is passionate about IT and the myriad of IT standards and guidelines that large successful companies should follow.  If you enjoy using IT acronyms as part of your normal conversation, you may be a great candidate for this position. You will have broad latitude to work independently and coordinate and interact with a broad group of bright and energetic people throughout the company.


KEY RESPONSIBILITIES

  • Continuously identify, assess, measure and monitor information technology risk by performing hands-on risk assessments
  • Identify opportunities to reduce risk and document remediation options regarding acceptance or mitigation
  • Continuously identify, assess, measure and monitor information technology risk by performing hands-on, data-driven risk assessments
  • Identify opportunities for automation and integration of GRC programs, develop requirements and recommend solutions or products to meet the need
  • Work with technology and business teams to develop and document risk mitigation action plans, along with recommendations to reduce information security risk within their areas
  • Manage the remediation of security assessment findings and recommendations.
  • Maintain an up-to-date understanding of emerging trends in information security risks; applies new techniques and trends, in-line with overall information security objectives and risk tolerance
  • Test information security controls, across multiple business processes and/or locations, ensuring implementation techniques meet the intent of organizational compliance frameworks and security requirements
  • Review enterprise agreements and/or contracts ensuring alignment with organizational security requirements
  • Assist with enterprise vulnerability management efforts and calculate the current and residual risk
  • Assist with the development of a risk metrics and reporting framework
  • Assist in the development of the company's security program, policies, and standards
  • Assist with the development and implementation of security awareness programs
  • Have Fun

 

DESIRED QUALIFICATIONS, SKILLS AND EXPERIENCE

  • 2-4 years conducting IT risk and compliance assessments
  • 2-4 years evaluating compliance with regulatory and key IT Standards such as SOC2, ISO 27001, PCI DSS, GDPR, HIPAA/HITECH, NIST, CSA/CCM and similar
  • Experience working with ServiceNow or RSA Archer GRC
  • Fundamental understanding of Cloud environments and DevOps security compliance
  • Ability to manage multiple tasks and responsibilities, work alone or in small teams, achieve established goals and objectives, and communicate progress in a timely and meaningful manner
  • Ability to understand information security and network risks, with strong technical background and knowledge of Information Technology and security, including Linux, Windows and networking environments
  • Experience in internal or external audit in the IT risk and compliance space
  • Excellent written and verbal communication skills; must be able to interface with all levels of the organization
  • General knowledge of ServiceNow, ITIL, and asset management practices
  • Current information security certifications such as CISM, CRISC, CISSP preferred
  • Open-minded, adaptable and passionate about learning
  • Self-starter with the ability to manage their own tasks into a larger project or program effort
  • Ability to respond in kind to and appreciate the puns offered by the CISO
  • Tableau experience a plus
  • Experience with FAIR risk methodology is a plus


About Red Ventures:

Red Ventures is a multi-billion-dollar portfolio of digital companies that specialize in bringing consumers and brands together. Through bespoke technology, integrated digital commerce and sales, distinguished partnerships, data science and original content from the company’s proprietary brands and marketplaces, Red Ventures provides better end-to-end consumer experiences throughout the buying cycle.  Headquartered in the Charlotte metro area, Red Ventures has more than 3,600 employees globally in offices across the US, UK and Brazil.

Expand Description
Resume/CV
Cover Letter

HEADQUARTERS
1101 Red Ventures Drive
Fort Mill, SC 29707
704.971.2300