At McKinstry, we're proud to be a collective group of innovators and problem solvers, builders and engineers, mentors and students. We strive to create a safe and engaging work environment that empowers you to do the work you are passionate about.
We believe deeply that energy and facility services, engineering and construction are revolutionizing the built environment - and if you're driven by our mission to transform ideas into meaningful relationships and together, build a thriving planet, McKinstry may be the place for you. Serving our community together is one of the ways we at McKinstry put our shared purpose into action.
Total collaboration and a diverse, employee-centric work experience are what we can provide you. Integrated delivery and true consultative partnership are what you will help us provide for our clients. Our culture is what differentiates us and because of this, we seek exceptional talent that believes what we believe.
Here's where you come in:
We are currently seeking a Manager, Information Security to join our team as a member of our Technology division. As McKinstry has grown, so too has the need for better corporate security policies and procedures. It will be the primary responsibility of this person to align our security platform to the growth and McKinstry 2025 vision.
You're great at:
* Work with the Technology leadership, to develop a security program and security projects that address identified risks and business security requirements.
* Manage the process of gathering, analyzing and assessing the current and future threat landscape, as well as providing the CIO with a realistic overview of risks and threats in the enterprise environment.
* Manage a staff of information security professionals, hire and train new staff, conduct performance reviews, and provide leadership and coaching, including technical and personal development programs for team members.
* Manage production issues and incidents, and participate in problem, RCA and change management processes.
* Serve as an active and consistent participant in the information security governance process.
* Work with IT and business stakeholders to define metrics and reporting strategies that effectively communicate successes and progress of the security program.
* Consult with IT, security and software development staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software.
* Research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and analyze its impact on the existing environment; provide technical and managerial expertise for the administration of security tools.
* Work with the enterprise architecture team to ensure that there is a convergence of business, technical and security requirements; liaise with IT management to align existing technical installed base and skills with future architectural requirements.
* Manage and coordinate operational components of incident management, including detection, response and reporting.
* Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk.
* Manage security projects and provide expert guidance on security matters for other IT projects.
* Design, coordinate and oversee security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks.
What we would like to see from you:
* A minimum of seven years of IT experience, with five years in an information security role and at least two years in a supervisory capacity.
* A bachelor's degree in information systems or equivalent work experience required; an M.B.A. or M.S. in information security is preferred.
* CISSP, CASP, CISP, Security+ or equivalent certifications preferred.
* Experience with common information security management frameworks, such as International Standards Organization (ISO) 2700x, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) frameworks required.
* Strong leadership abilities, with the capability to develop and guide information security team members and IT operations personnel, and work with minimal supervision required.
* Experience developing and maintaining policies, procedures, standards and guidelines required.
* Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies required.
* Strong analytical skills to analyze security requirements and relate them to appropriate security controls required.
* Experience in system technology security testing (vulnerability scanning and penetration testing) required.
Physical Demands and Work Environment
* Sitting for extended periods of time
* Dexterity of hands and fingers to operate a computer keyboard, mouse, power tools, and to handle other computer components.
* On call availability 24 hours 7 days a week.
* Ability and willingness to travel regionally.
* Provide personal transportation for meetings and job visits away from the office; reimbursed.
The McKinstry group of companies are equal opportunity employers. We are committed to providing equal employment opportunities to all employees and qualified applicants without regard to sex, gender identity, sexual orientation, age, race, color, creed, marital status, national origin, disability, veteran status or any other basis protected by law. This policy applies to all terms and conditions of employment including, but not limited to employment, advancement, assignment, and training.
McKinstry is committed to strengthening our diversity through recruiting and retaining minority and women professionals from all backgrounds. Our commitment is consistent with our recognition that it is the outstanding people within McKinstry who have always been the source of our strength. We recognize that promoting diversity is an integral component of our continuing quest for organizational excellence.
This commitment to Equal Employment Opportunity is made equally as a social responsibility and as an economic and business necessity.
McKinstry is a drug-free workplace. Employment is contingent upon successfully passing a pre-employment drug and alcohol test, complying with the requirements of the Immigration Reform and Control Act and a Confidentiality Agreement, in addition to successful outcomes of background and reference checks.
Anyone with questions or concerns regarding Equal Employment Opportunity should contact their direct supervisor or the Human Resources Department without fear of retaliation of any kind.
McKinstry is a design, build, operate and maintain (DBOM) company.