The Waste Management Information Security Office seeks an Information Protection Manager to join its dynamic and high-performing team. The Manager, Information Protection is responsible for helping to establish and maintain appropriate processes and coordinating activity for responding to all Security Incidents. The successful candidate will also participate in activities involved in standing up and maintaining the Incident Response infrastructure.
The candidate must have strong skills in conducting technical analysis of incidents and other security threats. The candidate must also have the ability to coordinate response actions, and disseminate technical information as appropriate in support of WM's critical infrastructure/assets.
The Manager, Information Protection needs to be well organized, reliable, a strong communicator, detail oriented, demonstrate good judgment, be confident working independently and comfortable in the handling of confidential information. The role involves extensive interaction with groups both internal and external to the company; including but not limited to: Law Enforcement, Legal, Corporate Security, Human Resources, and various IT teams and business partners.
Duties and Responsibilities:
Provide day-to-day management for the Information Protection function, responsible for security technologies utilized to protect WM's data and networks
Manage budgets related to operational and capital expense objectives
Participate in WM's Information Security Office leadership team to drive innovative security solutions, and collaboration with other IT and global functions
Responsible for managing the work environment, identifying workforce needs and ensuring performance against expectations, values and vision
Off hours support required due to the 24x7 nature of this team
Incumbent will manage a group of approximately 6 information security professionals
Education and Experience:
Minimum of 5 years of Information Protection experience
Minimum of 5 years of management experience
Fortune 500 experience
Bachelor's degree in Computer Information Systems / Management Information Systems or equivalent experience.
Certificates, Licenses and Registrations:
Must have, or able to obtain within 12 months, either the Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certifications
Other professional certifications desired include: CWSP, CISA, GIAC
Other vendor certifications desired include: CCNA, CCNP, CCSP, MSCE
Other Knowledge, Skills or Abilities Required:
Must have process design knowledge in at least one log management and SIEM tool
Must have technical proficiency in at least one endpoint protection tool (includes anti-virus, host firewall, and host intrusion prevention system)
Must have thorough knowledge of building secure infrastructure standards
Other Knowledge, Skills or Abilities that Contribute to Success:
Ability to create and deliver presentations targeted to either end users or senior management
Highly technical across a broad range of computing platforms and network protocols
Experience in several or more of the following technologies: Firewalls, Intrusion Prevention, Vulnerability Scanning, Data Loss Prevention, Email Security, Endpoint Security, DNS, Web Content Filtering, SEIM, AV, Certificate Authority and encryption
Security Incident Response leadership capability
Applied knowledge of Security Intelligence and Threat Monitoring processes and technology
Understanding and experience with IP address space management, subnetting, name resolution, and directory service protocols and be able to participate and guide future network LAN/WAN planning and implementation
Familiarity with key security models and regulations such as ISO 2700x, SOX and PCI
Ability to support both internal and external audits.
Experience in the areas of change control, problem management, incident management troubleshooting of security solutions
Ability to handle successfully multiple projects at one time
Strong communicator both written and verbally
Actively participate in professional organizations such as ISSA, ISACA, and InfraGard
Waste Management is the leading provider of comprehensive waste management and environmental services in North America. We are also a...