The Senior Manager of Information Security in IT is responsible for leading and overseeing an organization's technical information security program. This includes technical program management, developing and implementing strategies, policies, and procedures to protect the company's information assets, systems, and networks from potential threats and cyber-attacks. The role involves conducting security risk assessments, enforcing security controls, and coordinating incident response efforts. The ideal candidate should have a strong background in information security, risk management, technical project management and leadership skills. The ideal candidate will work closely with cross-functional teams and senior management to ensure IT compliance with security standards and promote a security-conscious culture. Advanced certifications and relevant experience in information security management will be good for this position.

<Essential Duties and Responsibilities>

The role is responsible for overseeing and managing an organization's IT security initiatives to protect its assets, employees, and stakeholders. The main responsibilities include:

1. Technical Project Management: Oversee and develop technical project management frameworks.

2. Technical Security Strategy: Develop and implement a comprehensive security strategy aligned with the IT organization's goals and risk profile.

3. IT Policy and Procedure Development: Establish and enforce security policies, procedures, and guidelines to ensure compliance with industry standards and regulations.

4. IT Risk Assessment: Conduct regular risk assessments to identify potential security vulnerabilities and develop mitigation plans.

5. Incident Management: Lead the response to security incidents, coordinating efforts to minimize the impact and recover from any breaches.

6. Physical Security: Implement measures to safeguard the organization's physical assets and facilities, including access controls and surveillance systems.

7. Cybersecurity: Oversee the deployment of cybersecurity measures to protect information systems, networks, and data from cyber threats.

8. Personnel Security: Ensure the organization follows appropriate practices for security training, and awareness programs.

9. Resource Management: Manage the staffing, and resource allocation efficiently.

10. IT Compliance: Ensure adherence to relevant security laws, regulations, and industry standards.

11. IT Vendor Management: Oversee security-related vendors and service providers to ensure they meet security requirements.

12. IT Security Awareness: Promote a security-aware culture throughout the organization through training and education initiatives.

13. IT Business Continuity Planning: Develop and test business continuity and disaster recovery plans to ensure the organization's ability to respond to disruptions effectively.

14. Reporting: Provide regular reports to senior management on security incidents, risks, and the overall effectiveness of security measures.

15. IT Security Audits: Collaborate with internal and external auditors to conduct security assessments and address any findings.

16. Emerging Threats and Technologies: Stay informed about the latest security trends, technologies, and threats to continuously improve the organization's security posture.