Vulnerability Management Information Security Manager in WFH-North Carolina at National General Insurance

Job Description

Primary Purpose:

Promote an innovative, forward-thinking culture to develop, implement and monitor a strategic, comprehensive enterprise cyber security program. Reporting to the Sr. Manager of Cyber Security, you will lead a team responsible for prioritizing vulnerability remediations, deploying Microsoft and 3rd party application packages and updates into the environment, and advancing enterprise cyber security capabilities.

Essential Duties and Responsibilities:

Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.

• Develop and propose Cyber Security budget based on current and projected cyber Security needs as it pertains to personnel, security solutions, and managed services.
• Encourage the development of Cyber Security personnel through coaching and training to accomplish organizational goals.
• Understand technology disciplines which may include but are not limited to, Active Directory, SCCM, Azure, data loss protection, application scanning, and and event monitoring.
• Evaluate and assess current and future security needs, make recommendations and develop business cases to improve operations.
• Comprehend, and bring into line, the regulatory and compliance requirements.
• Manage relationships with third party providers of business services to the organization which includes negotiation of contract language and evaluation of third-party risks related to cyber security practices.
• Provide regular reporting on the cyber security program to the Senior Leadership Team, Internal Risk Management, audit committees, etc.
• Interface with various internal business units to include Infrastructure and Application development teams to ensure alignment with IT Cyber Security recommended best practices.
• Manage security incidents and monitor the external environment for emerging threats, and collaborate with relevant stakeholders on the appropriate courses of action.
• Work with the compliance, application, infrastructure, and development teams on the deployment of Microsoft and 3rd party application packages and updates into the environment.
• Maintain and assess operational requirements and service issues for improvement opportunities.
• Help to ensure production, lower environment implementation and perform maintenance activities as require.
• Implement and manage effectiveness Service Request, Change and Problem management processes for the service area.

Minimum Skills and Competencies:

The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform essential functions.

• Bachelor's Degree or in-lieu of Degree equivalent education, training and work-related experience.
• 7+ years of experience as an endpoint engineer or similar job role.
• 5+ years of increasing managerial experience.
• Expert-level experience with enterprise tools such as Intune, Autopilot, MECM/SCCM, Windows Server and Desktop Operating Systems.
• Current IT Security related certifications, including one or more of the following: CISSP and/or CISM.
• Experience with system automation/configuration scripting, including VB/VBS, and PowerShell.
• Effective organization and time management skills with the ability to work under pressure in a dynamic environment.
• Excellent interpersonal, verbal, and written communication skills with the ability to communicate cyber security risks and related concepts to a broad range of technical and non-technical groups.
• Technical experience with the following disciplines: endpoint security, data loss protection, firewalls, intrusion detection and intrusion prevention, application and system scanning tools, log collection and monitoring.
• Ability to research, develop, and make executive presentations for tools, techniques, and process improvement opportunities in support of cyber security initiatives and evolving threats within the organization.
• Demonstrated knowledge and understanding of relevant legal and regulatory requirements frameworks such as: PCI, NIST, SOX,  HIPAA, NYDFS.
• Excellent project management skills including scheduling and resource management.
• Ability to function effectively in a fast-paced environment, handle multiple efforts simultaneously, prioritize and meet deadlines.
• Proficient in Microsoft Office (Word, Excel, Outlook, PowerPoint).

Desired Skills:

• Bachelor's Degree in Information Technology, Cyber Security or related field equivalent education, training and work-related experience may be acceptable in place of education.
• Master's Degree in Information Technology, Cyber Security or Computer Science.
• Supplemental education or certifications (PMP, MBA, CPA, etc.).
• IT Security experience in a regulated environment to include one more of the following industries: Insurance, Financial Services, Pharmaceuticals.

*** In performing this occupation a person would generally be required to exert force to lift/carry push/pull objects up to 20 pounds occasionally, up to 10 pounds frequently or a negligible amount constantly. It can include walking and or standing frequently even though weight is negligible. (OSHA).

#Remote

#LI-AE1

#LI-Remote

National General prides itself on offering our employees a robust Total Rewards package which includes base salary. The base range offered for the role is: $102,500.00 - $147,700.00 and may vary based on internal equity, and job-related skills, knowledge and experience; among other factors. Other financial components may be added as part of the competitive compensation package, in addition to a full range of benefits, dependent on the level and position offered.

National General Holdings Corp. is an Equal Opportunity (EO) employer – Veterans/Disabled and other protected categories. All qualified applicants will receive consideration for employment regardless of any characteristic protected by law. Candidates must possess authorization to work in the United States, as it is not our practice to sponsor individuals for work visas.

In the event you need assistance or accommodation in completing your online application, please contact NGIC main office by phone at (336) 435-2000.