Information Security Manager – Detroit Lions
September 28, 2016
Location: Detroit, MI, USA
Closing Date: 15th October 2016
Overview:
The Detroit Lions and Ford Field Management currently have an opening for an Information Security Manager. Reporting to the Director of Enterprise Services, the Information Security Manager will be responsible for working on Information Security Policies, Standards, Processes and Procedures intended to prevent unauthorized access to company information assets. The candidate selected for this role will work closely with the NFL Information Security Office to ensure league-offered security tools and services are appropriately leveraged, and best practices are implemented.
The Information Security Manager will be accountable for creating, managing and enforcing Information Security policies and procedures that meet or exceed the NFL’s Information Security Policies, and are in compliance with PCI, HIPAA, and PII regulations. The candidate that fills this position will also be responsible for managing the security of corporate devices and applications, disaster recovery and business continuity planning, risk management and mitigation, and vulnerability management.
This full-time position includes a full benefits package as well as wonderful perks and will work out of both the Allen Park practice facility and the Ford Field stadium in downtown Detroit.
Essential Duties and Responsibilities:
The Information Security Manager position will have responsibilities including, but not limited to, the following:
- Establish, maintain, optimize, implement, and assess adoption of Information Security Policies, Standards, Processes and Procedures.
- Advocate strong security posture and ensure compliance with PCI-DSS, HIPAA, and PII regulations.
- Manage vendor security provider relationships and services.
- Conduct security audits, vulnerability scans and risk assessments, and provide recommendations to mitigate risks.
- Ensure Disaster Recovery Policies and Procedures are implemented and tested, and contingency plans are established for Business Continuity.
- Own Incident Response planning and end-to-end response handling.
- Define and enforce controlled access to security zones as required.
- Produce and manage a user Information Security Awareness Program.
- Ensure logs are monitored for any suspicious activity, security problems, or errors. Irregularities are investigated and resolved immediately. Historical tracking is done for future comparison and planning.
- Maintain Cyber Hygiene through a vulnerability management program that ensures all systems are regularly scanned, patched, and remediated as appropriate.
- Ensure appropriate design of solutions, configuration and/or support of Firewalls, Intruder Detection or Prevention Systems, VPNs and enterprise gateway devices.
- Ensure appropriate hardening of server and desktop operating systems.
Nonessential Functions:
- Perform other duties as assigned.
Education and Experience:
- Bachelor of Science degree in Information Technology or related field is required and/or 3-5 years of experience in Information Security.
- Policy creation and lifecycle.
- Excellent communication skills, written and verbal. Ability to translate and communicate with non-IT population.
- Solid organization skills with an ability to maintain good documentation and record keeping.
- Strong and effective problem solving skills related to Cyber Security.
- Knowledge of Firewall Configuration, Server hardening, and Desktop Security Controls.
- Strong analytical skills with the ability to provide clear and concise verbal and written communications of analyses, results, and planning.
- Previous experience with PCI-DSS, HIPAA, and other Information Security standards such as ISO/IEC 27001:2013 and NIST.
- Previous experience with backup, disaster recovery, and business continuity planning.
- Knowledgeable in principles of Risk Management, specifically related to Cyber Security.
- Information Security Certifications; CISSP, CISM, CRISC.
LICENSING or CERTIFICATIONS:
- A valid driving license and a good driving record are required.
To apply:
- To apply, please submit a copy of your resume along with a cover letter detailing your interest and related experience to the position.
Due to the high volume of resumes received, we regret that we are unable to update candidates on the status of their application. Those selected for further consideration will be contacted. NO CALLS or EMAILS PLEASE.
Equal Opportunity/Affirmative Action Employer
Note: When you apply for this job online, you will be required to answer the following questions:
1. Do you have a Bachelor of Science degree in Information Technology or related field?
2. Do you have at least 3-5 years of experience in Information Security?
3. Do you have previous experience with PCI-DSS, HIPAA, and other Information Security standards such as ISO/IEC 27001:2013 and NIST?
4. Are you knowledgeable in principles of Risk Management, specifically related to Cyber Security?
5. Have you obtained Information Security Certifications; CISSP, CISM, CRISC?
6. What are your salary requirements for this position? Failure to provide a response will remove your resume from consideration.