Information Security Manager
The Information Security Manager (ISM) is a critical member of the IT management team responsible for the design, execution, and ongoing management of the information security program for Vista Equity Partners. The ISM must be able to translate the IT-risk requirements and constraints of the business into technical control requirements and specifications, as well as develop metrics for ongoing performance measurement and reporting. The ISM coordinates the IT organization's technical activities to implement and manage security infrastructure, and to provide regular status and service-level reports.
The ISM is a leadership role that requires an individual with a strong technical background, as well as an ability to work with the IT organization and business management to align priorities and plans with key business objectives. The ISM will also be responsible for working with business and IT stakeholders to balance real-world risks with business drivers such as speed, agility, flexibility and performance.
This individual will have a diversified background of IT & functional experience, demonstrated project management acumen and excellent vendor management skills, be a strong people leader, in addition to a holistic, service-oriented approach to information security management. As a member of the IT Leadership Team, the role contributes to the development and execution of the overall IT strategy and ensures its alignment with Vista Equity Partnerss business strategy.
This is an exciting opportunity to drive the future state of Vista Equity Partner's security landscape. Taking an end user point of view, you will work with other technology and business stakeholders to develop an innovative roadmap to transform the way Vista works.
- Responsible for providing information assurance for digital information, ensuring its confidentiality, integrity, and availability.
- Responsibilities include the approval of authorization to operate IT systems at acceptable levels of risk, monitoring and testing of IT systems for vulnerabilities and indications of compromise, incident response and remediation, the development of appropriate policy, relevant user security awareness and training, and compliance with government and other external standards.
- Manage a portfolio of Information System Security programs.
- Prepare system security plans in accordance with the requirements of the risk analysis of individual systems/applications, and data classification.
- Support information system life cycle activities.
- Maintain day-to-day security posture and continuous monitoring of IS including security event log review and analysis. Ensure system security measures comply with applicable policies.
- Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.
- Conduct reviews and tech inspections to identify and mitigate potential security weaknesses, and ensure all security features applied to a system are implemented and functional
- Bachelor's or master's degree in computer science, information systems, business administration or related field, or equivalent work experience.
- 5+ years of progressive experience as an Cybersecurity professional working within an enterprise environment (Prefer Azure Experience)
- 5+ years of hands-on experience implementing, administrating and operating information security technologies such as firewalls, IDS/IPS, SIEM, Antivirus
- 2+ years of experience managing a team
- Advanced knowledge of regulatory compliance including, but not limited to OWASP, ISO, PCI-DSS, and NIST
- Hands-on experience implementing, administrating and operating technologies such as network traffic analyzers and malware analysis
- Advanced knowledge of the TCP & UDP IP protocol suite and related security architectures
- Ability to show discretion and poise in all situations
- Ability to treat sensitive/confidential information appropriately
- Strong sense of urgency, adaptability, flexibility and resourcefulness
- The ability to function professionally under pressure, while managing multiple concurrent projects and deadlines
- Must possess personal tact, discretion and good judgment. Excellent interpersonal, written and verbal communication skills
- Afterhours availability and travel are required
- CISSP, GSEC, CEH, Security+ or similar information security certification
- Experience practicing Cybersecurity in the Financial Industry
ABOUT VISTA EQUITY PARTNERS
Vista Equity Partners is a U.S.-based investment firm with offices in Austin, Chicago, New York City, Oakland, and San Francisco with more than $46 billion in cumulative capital commitments. Vista exclusively invests in software, data, and technology-enabled organizations led by world-class management teams. As a value-added investor with a long-term perspective, Vista contributes professional expertise and multi-level support towards companies to realize their full potential. Vista's investment approach is anchored by a sizable long-term capital base, experience in structuring technology-oriented transactions, and proven management techniques that yield flexibility and opportunity.