Cyber Security Manager at Vaco in Orlando, FL
Apply for the Cyber Security Manager position at Vaco in Orlando, FL. Find the best jobs for you effortlessly with InJob.AI, your ultimate solution for job search. Discover top job opportunities and streamline your job search process.
Job Description
<div> Manage the risk to the organization posed by a variety of cyber security threats. Ensure confidentiality, integrity, and availability of systems, applications and data. Responsible for the organization's Security Program, including but not limited to daily operations of the oversight of audits, risk assessment process, and development, implementation and maintenance of policies and procedures. Create, propose and support innovative and compelling cyber security solutions. Collaborate with other technical staff on programs to identify and assess cyber security capabilities and performance in support of organizational growth and operational excellence. Lead the team to provide direction, guidance, assistance and/or mentorship to other staff and coworkers as required or requested. Essential Functions: <br/> Employees performing in this job function may perform some or all the duties. The omission of specific statements of duties does not exclude them from the position if the work is similar, related, or a logical assignment to the position. <br/> * Oversee the confidentiality, integrity and security of Clerk systems and data; <br/> * Manage and enhance the cyber security program; <br/> * Communicate and report on security events and incidents in accordance with state breach rules and requirements; <br/> * Ensure information security policies, standards and procedures are up-to-date; <br/> * Socialize and implement organizational cyber security maturity model; <br/> * Evaluate security trends, evolving threats, risks and vulnerabilities and recommend tools to mitigate risk as necessary; <br/> * Promote and sponsor organizational cyber security education and awareness program; <br/> * Submit timely and accurate security assessments and audits initiated by third party stakeholders; <br/> * Ensure gaps and deficiencies identified as a result of an audit are properly addressed; <br/> * Act as an advisor to the Senior Team in all information privacy, security and business continuity matters; <br/> * Oversee and continually ensure compliance with security related mandates, administrative orders and policies; <br/> * Ensure that the disaster recovery, business continuity, risk management, and access controls are tested and addressed; <br/> * Collaborate with operation divisions to establish governance for the security program; <br/> * Participate in the development, implementation and ongoing compliance monitoring of all vendor agreements to ensure security concerns, requirements and responsibilities are addressed; <br/> * Strategically advise on the development of new services or enhancements to exiting services to ensure "security by design" and "security by default" principles; <br/> * Coordinate with CIO to identify, prioritize and manage information security needs for future budget consideration; <br/> * Develop security relationships and procedures with external organizations; <br/> * Fully support the Clerk's Quality Policy and standards of Performance Excellence by delivering exemplary services to both internal and external customers. Provide the utmost in customer service efficiently, effectively and expeditiously; <br/> * Foster a productive work environment which elicits the utmost from co-workers and subordinates and promote a process of continual improvement in both quality and productivity throughout the organization; <br/> * Communicate with management, co-workers, staff, and the general public in a courteous and professional manner; <br/> * Conform with and abide by all regulations, policies, work procedures, and instructions; <br/> SUCCESS PROFILE <br/> Page 2 of 9 <br/> * Act, dress and behave in a professional manner to reflect a positive image of the court; <br/> * Perform other functions, duties and conduct special projects and/or research as assigned. Minimum Qualifications Required: <br/> * Bachelor's Degree in Computer Science, Management Information Systems, or directly related area; <br/> * Minimum of seven (7) years of experience in information systems and five (5) years of IT security experience, to include three (3) years of management experience. Preferred Qualifications: <br/> * Certification in any of the following is preferred: <br/> o ISC2 - Certified Information Security Professional (CISSP); <br/> o ISC2 - Certified Information System Manager (CISM); <br/> o ISACA - Certified Information Security Auditor (CISA) Technical Requirements: <br/> * Possess strong desktop and peripheral knowledge/skills, network and security skills including TCP/IP, VPN, DNS, Digital Certificates, SSL, IPSec, web security architecture; <br/> * Knowledge of Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations, Software Development Security, CJIS Security Policy, NIST CSF; <br/> * Skilled in Access Control Management, Threat Detection and Response, Business Continuity, Data Loss Prevention Techniques and Tools, Malware Detection and Protection Tools, Vulnerability Management Techniques and Tools, Security Awareness Development, Policy Development, Security Operations, Fundamentals of Data Security; <br/> * Ability to: <br/> o Collaborate with department managers to determine security needs; <br/> o Plan and implement comprehensive security strategies; <br/> o Supervise, recruit, and train security personnel; <br/> o Gather security intelligence and implement preventative measures; <br/> o Develop work schedules, allocate tasks and monitor personnel performance; <br/> o Coordinate responses to emergencies and alarms, as well as compile incident reports; <br/> o Keep abreast of new technologies and advancements in security services; <br/> o Ensure compliance with organizational policies and security industry regulations; <br/> o Work onsite and remote; <br/> o Understand the types of contingency plans (e.g., Business Continuity Plan, Continuity of Operations Plan, Crisis Communications Plan, Disaster Recovery Plan, etc.); <br/> o Understand the importance of protecting data and information systems from accidental disclosure or destruction, unauthorized access or modification and inappropriate use or malicious compromise; <br/> o Understand the concept of inherent risk in end user behavior; <br/> o Demonstrate knowledge of methods to protect web services; <br/> o Understand the need for controls and privileges based on an individual's job duties; <br/> o Travel to all work locations including outlying branches. Working Conditions: <br/> This job is absent of disagreeable working conditions. This job is performed in an office work environment. <br/> This is a Safety and Security Sensitive Position in which a drug impairment constitutes an immediate and direct threat to public health, safety, or security, requiring a high degree of public trust in protecting court records and individual PII (Personally Identifiable Information). The position requires the employee to perform one or more of the following: <br/> * This position is eligible for Hybrid Remote and Flexible Work Schedule; <br/> SUCCESS PROFILE <br/> Page 3 of 9 <br/> * Work with confidential customer and/or employee information; <br/> * Access our Case Management System "Odyssey" that contains PII (personally identifiable information); <br/> * Access our "Munis System" that contains our banking accounts information, financial information, and PII (personally identifiable information); <br/> * Access to Court Evidence that includes but is not limited to (controlled substances, criminal investigation documents, weapons, and other like items); <br/> * Access to the juvenile facility; <br/> * Handle cash and other forms of payment such as credit cards; <br/> * Set up differed payments for customers; <br/> * Operate heavy equipment such as a forklift and scissor lift; <br/> * Operate company vehicle. Physical Requirements: <br/> * Constant: sitting, walking, speaking and hearing. <br/> * Constant: typing, writing, and reading. <br/> * Occasional: standing, reaching </div>
AI Powered Job Insights
Cyber Security Manager Opportunity Alert! Vaco is on the lookout for a Cyber Security Manager in Orlando, FL to safeguard their organization's data and systems from various cyber threats. The right candidate will lead the security program and collaborate with technical teams to enhance security measures across the organization. 📍 Location: Orlando, FL 💼 Position: Cyber Security Manager ⏰ Type: Full-time 📅 Date Posted: 2024-07-25 Role Summary: - Manage risks associated with cyber security threats. - Ensure confidentiality, integrity, and availability of critical systems and data. - Lead the development, implementation, and maintenance of security policies and procedures. What You'll Do: - Oversee the organization's cyber security program and daily operations. - Communicate and report security incidents per state requirements. - Promote security awareness and education across the organization. - Collaborate with departments to identify security needs and implement strategies. - Conduct security assessments and ensure compliance with audits. What's Needed: - Bachelor's Degree in Computer Science or related field. - Minimum 7 years in information systems and 5 years in IT security, with 3 years in management. - Preferred certifications include CISSP, CISM, or CISA. - Strong technical knowledge in network security, risk management, and compliance. - Leadership abilities to supervise and mentor security personnel. This position requires a commitment to public trust in managing sensitive and confidential information, along with the ability to strategize and implement innovative security solutions. Ideal candidates are proactive and detail-oriented with a significant background in cyber security management.
Top Interview Questions
- Q: Can you describe your experience with managing a cyber security program? What strategies have you implemented to enhance security posture?
A: In my previous role, I led the enhancement of our cyber security program by implementing a risk assessment process that identified key vulnerabilities across our infrastructure. I introduced regular security training for employees, fostering a culture of security awareness. Furthermore, I collaborated with cross-functional teams to integrate security by design principles into our project management workflows. This holistic approach significantly reduced our risk profile and improved our incident response times.
- Q: How do you stay updated with the latest cyber security threats and trends, and how would you apply this knowledge in your role?
A: I actively follow cybersecurity news through reputable sources such as threat intelligence platforms, blogs, and community forums. I also engage in professional organizations and attend relevant conferences. For instance, I subscribe to ransomware alerts and regularly review vulnerability databases. I leverage this knowledge to adjust our security measures accordingly, ensuring proactive defenses against emerging threats, and I share actionable insights with my team to enhance our collective understanding.
- Q: Describe a time when you had to manage a security incident. What steps did you take, and what was the outcome?
A: During a phishing attack incident at my previous company, I established a response plan that involved immediate containment, communication, and remediation. Firstly, I led the identification of affected users and suspended their accounts to prevent further breaches. We communicated transparently with our stakeholders about the incident and provided cybersecurity training for the impacted users. Post-incident, we enhanced our email filtering systems, which resulted in a 50% decrease in phishing attempts. This proactive approach not only mitigated immediate risks but also strengthened our overall security framework.
- Q: How do you ensure compliance with information security policies and regulations in your organization?
A: Ensuring compliance begins with developing clear, up-to-date policies that reflect current regulations and organizational needs. I implement regular internal audits and security assessments to check adherence to these policies. I also conduct training and awareness programs to ensure all staff understand the policies and their importance. For example, during recent audits, I identified gaps in data handling procedures and addressed them promptly, resulting in improved compliance with NIST CSF and other regulatory standards.
- Q: In your opinion, what are the key elements of a strong disaster recovery and business continuity plan?
A: A strong disaster recovery plan should encompass several key elements: thorough risk assessment to identify potential threats, clear procedures for data backup and recovery, and a communication plan that outlines how to inform stakeholders during an incident. Additionally, regular testing and updates to the plan are crucial to ensure its effectiveness. In my previous role, I established a bi-annual review process that incorporated lessons learned from drills and actual incidents, which enhanced our resilience and response capabilities significantly.
Want to get matched with your dream job?
Try InJob.ai for Free and Get Matched 100s of such opportunities!
200+ professionals have found their dream job with InJob.ai this week.
Salary Benefits
Salary details not provided
Want to apply directly?
Apply for the Cyber Security Manager position at Vaco in Orlando, FL using https://www.linkedin.com/jobs/view/3982049324
Similar Jobs found by InJob.AI
Open Systems Inc., Gainesville, GA
Pantex Plant, Amarillo, TX
NorthStar Memorial Group, Houston, TX
H&M, New York, NY
IBM, Essex Junction, VT
ION, New York, United States
Mitchell1, San Diego, CA
Tulsa City-County Library, Tulsa, OK
Frequently asked Questions
Still have a question? Check out our FAQ section below.
