At NorthStar Memorial Group, we choose collaboration over bureaucracy. Here, everyone has a chance to lead. We encourage & empower our people at every level to speak up, be heard, and watch their ideas become realities.
NorthStar Memorial Group is seeking a Hybrid IT Security Manager in Houston, TX to achieve our company’s data security and compliance objectives.
The IT Security and Compliance Manager is a technical, hands-on role, responsible for designing, administering, and providing leadership for the organization’s information security and compliance program. You can expect your time to be shared between the following focus areas: Information Security 50%, Team Management 30%, Compliance 10%, Risk Management 10%.
Responsibilities
- Serve as Subject Matter Expert on cybersecurity and compliance
- Advise the VP of IT, CIO, and other executives on the best strategies for optimizing the security of data systems, information assets, and general business processes
- Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
- Manage and provide hands-on leadership for the department’s incident response activities, including testing, investigation, containment, and recovery efforts, as needed.
- Manage information security personnel
- Assess current technology architecture for vulnerabilities, weaknesses, and possible upgrades or improvements
- Implement and oversee technological upgrades, improvements and major changes to the information security environment
- Write comprehensive reports, including assessment-based findings, outcomes, and proposals for further system security enhancement
- Collaborate with cross-functional teams to ensure that security requirements are incorporated into system and network design, development, and implementation processes.
- Perform vulnerability assessments, penetration testing, and risk assessments to identify and prioritize potential security risks and vulnerabilities.
- Conduct regular training sessions and workshops to educate employees about the latest information security and compliance policy updates
- Manage NorthStar’s third-party risk management program.
- Advise department heads on data privacy best practices.
- Stay up to date on the latest security threats, technologies, and industry trends, and provide recommendations for improving security posture.
- Conduct assessments and audits to measure, evaluate, and document disaster recovery programs
Qualifications
- Proven work experience as a System Security Engineer or Information Security Engineer
- Minimum of 3-5 years of management experience in cybersecurity.
- Bachelor's degree in Computer Science, Information Technology, or equivalent experience.
- CISSP, CISM, CEH, or other security certifications.
- Strong knowledge of security principles and best practices, such as NIST, ISO 27001, and CIS security controls.
- Hands-on experience with security technologies such as firewalls, IDS/IPS, log and event management, content filtering, endpoint detection and response, and vulnerability scanning tools.
- Detailed technical knowledge of database and operating system security
- Knowledge of core Information Security concepts related to Governance, Risk & Compliance
- Familiarity with security-related regulations, such as CCPA, SEC Cyber 7, and PCI-DSS.
- Excellent analytical, problem-solving, and troubleshooting skills.
- Ability to travel approximately 5%
We are an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender, gender identity, national origin, disability, or veteran status.