Information Security Manager
Company: ERG Group
Posted on: May 6, 2021
We are looking for an inspiring IT Information Security Manager
to join ERG and contribute, at the enterprise level, in building
and growing our security team. In this role, you will join ERG's
Enterprise Information Systems (EIS) team and serve as a Security
Manager responsible for ERG's Cybersecurity posture in accordance
with government directives and program requirements.
Responsibilities will include but are not limited to:
- Provide day to day security support for the infrastructure and
ensure procedures used to protect and secure ERG's computer
systems, data and network.
- Collaborate with ERG's practice area and corporate
professionals, Facility Security Officer, Contracts Team, and
government customers on compliance and configuration change
- Perform risk analysis on threats, security alerts, and other
suspicious system or network activity.
- Identify and analyze existing processes and procedures to meet
IT Security goals and objectives.
- Plan and implement security measures, monitor for security
gaps, design effective solutions, support cybersecurity
initiatives, including certifications.
- Evaluate security incidents to determine impact & escalate
- Monitor, aggregate, label, and manage artifacts related to the
Security Program assessment and external audits.
- Establish, document, and assist with the implementation of
NIST/CMMC framework standards, procedures, processes and
guidelines, including preparing and maintaining security assessment
and authorization documents (e.g., SOP, SSP, POA&Ms). Ensure
acceptable risk-based cybersecurity by enhancing enterprise
situational awareness and risk management.
- Run vulnerability scans and analyze scan results.
- Provide reports to management and periodic corporate
- Continuously monitor systems and network components using
Security Information and Event Management (SIEM) products.
- Ensure integrity and security of company data. Required Skills:
- 5+ years working in IT with a minimum of 3 years as a leader or
emerging leader in information security management.
- Experience in assessing and implementing the requirements of
NIST SP 800-171, NIST SP 800-53 or CMMC.
- Experience in managing an ISO 27001 Information Security
- Experience performing security audits with and without
specialized SIEM tools (e.g. Microsoft Sentinel, ManageEngine
- Experience using vulnerability detection and management
- General experience with Azure Active Directory including
pulling logs and configurations.
- Ability to interpret technical vulnerability findings and work
on to remediation plans.
- Experience with Microsoft 365 (GCC High, desirable), Azure AD
and Virtual Desktop.
- Experience in Microsoft Systems and Network Administration
- Have excellent communication and organizational skills with the
ability to effectively communicate both orally and in writing with
management, other technical specialists, and users.
- Ability to plan, organize and manage tasks on time with minimal
- Must be able to obtain/maintain US DOD Security Clearance.
- Security+, CISM, or CISSP certifications a plus Job ID:
LEXSP0317212C11 Successful candidates must be committed to working
with a diverse and inclusive team. Eastern Research Group, Inc. is
an equal opportunity employer and complies with applicable EEO and
affirmative action regulations.
EOE/Minorities/Females/Vet/Disability Please be aware, the only
authentic corporate domain for Eastern Research Group, Inc. (ERG)
is www.erg.com. ERG may, on occasion, screen applicants via
telephone or video interviews via Skype, Teams, GoToMeeting, or
another type of video platform. However, any candidate extended a
job offer will be asked to meet in person with an ERG employee
before being asked to provide confidential personal information
associated with new employment. COVID-19 HIRING - most hiring
processes are currently virtual during the pandemic. All
interviews, as well as new hire orientations, will take place via
video conference using Teams, Skype, or GoToMeeting. For applicants
that require an accommodation: As a qualified individual with a
disability or a disabled veteran, you have the right to request a
reasonable accommodation if you are unable or limited in your
ability to use or access ERG's online application process as a
result of your disability. Please contact Human Resources via
e-mail at Resumes-Lex@erg.com or telephone 781-674-7293 to request
an accommodation. There's a reason ERGers are so dedicated. We work
in a friendly, flexible, inclusive environment with clients who are
committed to making the world a better place. We promote and
recognize principles of fairness, equity, and social justice in the
work we do, partnerships we foster, and culture we value both
within and outside of our organization.
Keywords: ERG Group, Boston , Information Security Manager, Executive , Lexington, Massachusetts
Didn't find what you're looking for? Search again!