Information Security Manager (Washington) Job at Conference of State Bank Supervisors (CSBS), Washington DC

K1RFVWpTaENTNk9Fb21MYytmQ2VDVm5BRmc9PQ==
  • Conference of State Bank Supervisors (CSBS)
  • Washington DC

Job Description

Job Summary

The Information Security Manager is responsible for developing, implementing, and maintaining the organization's information security program aligned to FISMA and the NIST Cyber Security Framework to ensure the confidentiality, integrity, and availability of our information and information system assets. This includes the development of policies, procedures, processes, creation of Security Authorization packages, and oversight of monthly Continuous Monitoring reports, which include vulnerability scanning, interviews, and system testing.

The manager supports security engineering architecture reviews of CSBS information systems, ensuring they are designed and built around protection needs with proven security architectures. They work with stakeholders, including system owners, engineers, auditors, and the security department, to develop deliverables, recommend solutions, and maintain or establish Authority to Operate (ATO) statuses for systems and platforms.

Essential Functions

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable accommodations may be made for individuals with disabilities. Other duties may be assigned to meet business needs.

This role involves hands-on tasks to monitor and manage the security posture of CSBS's IT services, including analysis and evaluation of system design, architecture, and engineering practices.

Security Program Management

  • Develop security programs and projects with the CISO to address risks and security requirements.
  • Assess threat landscapes, analyze risks, and report findings.
  • Collaborate on budget projections, compliance monitoring, policy updates, vendor contracts, incident management, and security metrics development.

Security Engineering Architecture Reviews

  • Ensure security considerations in architecture and hardware/software evaluations.
  • Recommend technical controls, oversee security projects, and lead deployment of new security technologies.

CSF and RMF ATO Support

  • Develop security documentation such as SSPs, SARs, risk assessments, and contingency plans.
  • Participate in governance, manage vendor compliance, oversee risk management, and improve processes.

Additional Responsibilities

  • Monitor industry trends, contribute to forums, and implement planning and policy changes.

Minimum Qualifications

  • Bachelor's degree in relevant field or equivalent experience.
  • Certifications such as CISSP, GIAC, or CCSP required.
  • 12+ years of relevant experience, including 10+ in InfoSec, with expertise in risk assessments, cloud/mobile environments, and NIST standards.

Knowledge, Skills, and Abilities

  • Developing security policies, understanding network security principles, and familiarity with industry standards.
  • Deep knowledge of security technologies, cloud security, scripting, incident response, and effective communication skills.

Requirements

  • Interaction with confidential supervisory information, disclosure of conflicts of interest, and eligibility for a U.S. Government clearance.

Values and Leadership

CSBS emphasizes work-life balance, collaboration, leadership at all levels, and a culture of honesty, respect, and innovation.

Working Conditions

  • Office environment, some travel required.

This description is subject to revision, and employment is at-will.

Compensation

Offers are based on experience and market, with comprehensive benefits, flexible work arrangements, and an inclusive culture. More details are available on CSBS Careers.

#J-18808-Ljbffr

Job Tags

Full time, Work at office, Flexible hours,

Similar Jobs

Yexgo

Data Entry Clerk / Typing - Remote Work From Home Job at Yexgo

 ...Job Description Join our team as a Remote Data Entry Clerk, where you will be responsible for performing essential data entry tasks with a minimum input speed of 25 words per minute. This role is ideal for individuals seeking part-time remote work opportunities... 

OpenAI

Security Engineer, Application Security (San Francisco) Job at OpenAI

 ...Security is at the foundation of OpenAIs mission to ensure that artificial general intelligence benefits all of humanity. The Security...  ...might thrive in this role if you: Extensive experience in information security, cybersecurity, or a related field, with a significant... 

PlanIT Group, LLC

Digital Marketing Specialist Job at PlanIT Group, LLC

Seeking a highly skilled and motivated Digital Marketing Specialist to join our dynamic team. This role is essential for driving our digital marketing efforts, enhancing our online presence, and achieving our business objectives. The ideal candidate will have a broad understanding... 

Storm Guard of Durham Chapel Hill

Canvasser Full Time Job at Storm Guard of Durham Chapel Hill

 ...on performance Competitive salary Opportunity for advancement Training & development Join the Storm Guard Team as a Canvasser/Marketing Representative! Are you a people person who loves meeting new faces and making an impact? Do you thrive in fast-paced... 

ReadMe

Full Stack Engineer (San Francisco) Job at ReadMe

 ...Location: Remote or Hybrid (SF or NYC) ReadMe is looking for a full stack engineer who...  ...beautiful, personalized, and interactive developer hubs. If youve ever visited the developer...  ...ReadMe if You have strong expertise in modern web technologies , particularly TypeScript,...