Job Description With the high visibility we have online, Information Security is a critical top priority here at Client. We are looking for an accomplished Senior Information Security Manager to build out, implement and manage an extensive Information Security program with a wide-variety of coverage and influence. This is a highly dynamic role that will involve support for both broad range security risk assessments around company-wide policies and procedures, and application security as it relates to our development lifecycle. This individual will work very closely with our Vice President of Information Security. Job Responsibilities Provide security guidance to our developers to ensure that our continuous stream of new applications and services are as robust as possible Identifies, highlights, and provides security recommendations during requirement and design reviews Conducts in-house penetration testing and code-reviews of Prosper applications and platform Conduct regular security assessments of internally developed applications Create automated tests to encourage and enforce security standards Develop security training and education for our software engineers Define an information risk management strategy and implementation road map Evaluate Clientrsquos existing information security and data privacy architecture for effectiveness Lead the cross functional effort to define secure configuration standards for key technology platforms Define an information risk assessment process and conduct annual risk assessments Design and implement processes and technology solutions to assess, monitor, audit and enforce compliance with internal and regulatory requirements, such as PCI, SOX, and others Creating detailed business, technology, operational and, security requirements Solution delivery implementation (directly or through partnerships) Qualifications BS in Computer Science or related, with 5 years of experience in applicationIT security Strong programming background Experience with modern Web Application Framework (JavaRails.Net) required, .Net Framework 3.0 ndash 4.0, ASP.NET, ASP.Net MVC desirable, NHibernate, IoC based Framework, AOP Framework, Web Services (SOAPWSDL or ReSTWADL), WCF desirable Knowledge of Security Flaws and its Resolution as listed in sites like OWASP, SANS, etc. IT Security CISSP and CISM Certifications Web Application, Network and Systems infrastructure security support, IT Audit and Sarbanes-Oxley Compliance Experience in secure application programming, code reviewing, and penetration testing web based application Experience leading implementation efforts of security initiatives and resolutions of any findings from internal or external assessments Experience identifying security risks and developing solutions to eliminate or minimize risks Knowledge of software design, software, network architecture, protocols, and standards Strong information security skills related to IT infrastructure and data security Strong knowledge of US and International regulatory requirements Strong knowledge of Information Security and Risk Management Knowledge of Payment Card and Financial Industry is a plus Contact Person Himanshu Chauhan Contact Details
Associated topics: chief program officer, cpo, manage, manager, management, monitor, product manager, project manager, relationship manager, task
* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.