Legal & General America

  • Manager, Information Security

    Job Locations US-MD-Frederick
    ID
    2018-2074
    # of Openings Remaining
    1
    Category
    IT
  • Overview

    At Legal & General America, we aim to make a positive difference in the lives of our customers, partners, colleagues, and the communities in which they live.  As a recognized market leader of term life insurance, we’re working to transform our business through innovation and technology to provide products and solutions that help American families secure their financial futures.

     

    We are a future-focused company, passionate about what we do and how we do it. This means working with pace and energy to reach our goals, and challenging ourselves to achieve more.  We strive to create a unique environment where balance between work and life is possible. Our employees' passion, dedication and hard work, as well as our career development opportunities, benefits, and employee activities contribute to our positive workplace culture.

     

    Reporting to the Sr. Manager of Infrastructure & Security, the role of the Information Security Manager is to provide security technology leadership and to support the implementation of the Cyber Security Strategy, Security Policy and Standards with Legal & General America (LGA).

     

    The principal purpose of this role is to reduce and mitigate security risks within Legal & General America according to an agreed risk appetite and to be the liaison between the CISO and the cyber security department.

     

    The Information Security Manager is responsible for all security considerations during the selection, planning and implementation of IT systems and providers so as to maintain IT security risk at a tolerable level in accordance with Legal & General America’s risk appetite.

     

    Responsibilities

    • Leadership – Be the trusted source of information and cyber security expertise for Legal & General America, and pro-actively provide leadership and guidance to IT and the business functions. Be a recognized focal point for Information Security related matters. Apply a pragmatic and “can do” approach to all aspects of the role, ensuring that security is an enabler to all business units. You will lead a team of security analysts who perform risk analysis, vulnerability and network testing, compliance audits, and perform research to build the type of secure environment our customers have come to expect. You will establish and enforce the policies and standards to run a security organization that is highly motivated and endlessly driven and won't settle for anything less than total success. Mentor the entire LGA team on security best practices
    • Strategy Development & Oversight – Work closely with Legal & General America’s CISO to develop implementation plans to deliver the Cyber Security Strategy outcomes and provide management reporting with metrics as required. Must have risk based decision making skills
    • Security Policy Implementation – Ensure that Security Policies & Security Standards, created by the CISO, are implemented and adhered to and that exceptions are managed under governance. Provide subject matter expertise into the development of Group Policy and Standards as required
    • 3rd Party Oversight – Lead the oversight of 3rd party’s implementation of security and provide strong challenge where needed
    • Security Awareness & Training – Implement local security awareness and training initiatives in line with the LGA’s awareness and training plans
    • Incident Management – support the business divisions in responding to cyber-incidents as and when necessary
    • Relationship Management – Establish and maintain effective relationships and governance arrangements with senior stakeholders; provide effective independent escalation and reporting of security issues, risks and deficiencies to business unit management, the Office of the CISO, and relevant governance bodies
    • Drive automation in key areas:
      • Security audits - identifying issues and developing mitigation plans that work at scale
      • Vulnerability scanning and detection
      • Security monitoring for our infrastructure, application, and network

    Qualifications

    Education

    • B.S. in Cyber Security or equivalent work experience
    • Technical training and memberships with ISO27001, CISM, etc…
    • CISSP Certified

       

    Experience/Knowledge

    • IT Security, including in-depth understanding of associated frameworks, technologies and architectures
    • Strategic planning, project management and execution
    • IT controls and associated protocols; penetration testing and vulnerability scanning tools
    • IT & Cyber regulatory environments, including HIPPA, NIST, Cyber Security requirements for New York State Dept. of Financial Services & GDPR  
    • In-depth understanding of network security and Cloud architecture, solution infrastructure and application security and vulnerability management
    • Fully abreast of trends and changing technologies as they relate to information security threats
    • Architectural security controls : application, infrastructure, network, database
    • Relevant experience Managing IT and Information Security, ideally in the financial sector
    • Track record of delivery of security solutions across an enterprise
    • Proven ability to build successful working relationships and team dynamics
    • Practical, common sense approach to delivering successful, collaborative outcomes
    • Demonstrated ability in solving complex security problems
    • Working with 3rd parties and outsourced providers
    • Experience with systems design and development from business requirements analysis through day to day management
    • Managing and interpreting performance to enable business improvements
    • Proven leadership & mentorship ability
    • Strong understanding of networking, virtualization, cloud & varying degrees of server operating systems 

    Skills/Personal Attributes

    • Demonstrated ability to communicate technical issues and information both verbally and in writing to management
    • Customer focus with superior analytical, evaluative and problem solving abilities
    • Strong understating of network topologies, routers and firewall configuration
    • Excellent written and oral communication skills
    • Ability to present ideas in business friendly and user friendly language

    Reports To

    Sr. Manager of Infrastructure and Security

    Staff

       Two Security Analysts

     

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed