Overview
IT Security Manager Jobs in Kansas City, MO at BlueScope Buildings North America, Inc.
Title: IT Security Manager
Company: BlueScope Buildings North America, Inc.
Location: Kansas City, MO
Company DescriptionFor over 100 years, BlueScope continues to build on our reputation of quality brands and products, leading technology and a customer-first spirit. Through our global brands, we are one of the largest manufacturers of building solutions in the world. Our diverse, bright and inspired workforce is committed to bettering the communities we serve through breakthrough thinking and innovations. Your goals, ideas and perspective can help shape our future – we look forward to hearing them!
The Information Systems department provides tools and automation to store, organize, and manipulate data while making that data easily retrievable. Various hardware and software tools, along with support, combine to enable these functions in a cost-effective method that helps to increase efficiency and
accuracy.
Job DescriptionThe IT Security Manager establishes and maintains a business wide information security management practice to ensure information assets are adequately protected. The Manager identifies, evaluates, and reports on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise. The IT Security Manager proactively works
with business units to implement practices that meet defined policies and standards for information
security. They also oversee a variety of IT-related risk management activities.
Manages the day-to-day activities of threat, vulnerability, and risk management, including remediations, communications and reporting. The risk tolerance levels for information security are set globally
Manages and maintain the company’s Incident Response, Business Continuity Plan and Disaster Recovery Plan. Develops and oversees effective disaster recovery policies and standards to align with business continuity management goals. Coordinates the development of implementation plans and procedures to ensure business-critical services are recovered in the event of a security event. Provides direction, support, and in-house consulting in these areas.
Interfaces with peers in the development and network departments as well as with leaders of the business units to both share the corporate security vision with those individuals and to solicit their involvement in achieving higher levels of enterprise security through information sharing and co-operation
Manages security exemption processes, particularly where it involves shared risks to the company’s systems and data.
Creates, communicates, and implements a risk-based process for vendor risk management, including the assessment and treatment for risks that may result from partners, consultants, and other service providers.
Develops and manages information security budgets and monitors them for variances.
Develops and maintains a strong and effective team with clear accountabilities and direction
Defines and facilitates the information security risk assessment process, including the reporting and oversight of treatment efforts to address negative findings.
Manages audits and governs delivery of findings.
Researches, evaluates, designs, tests, recommends or plans the implementation of new or updated information security hardware or software, and analyzes its impact on the existing environment; provides technical and managerial expertise for the administration of security tools.
Understands and interacts with related disciplines to ensure the consistent application of p…
