Information Security Governance Manager

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM.

The Information Security Governance Manager is responsible for leading and coordinating multiple information security-governance, risk, and compliance- related activities. This includes coordination of ISO 27001 audit activities, management of Information Security program documentation, managing security awareness training course content, and supporting client due diligence by responding to client security questionnaires, requests for proposal, and requests for information.

Essential Duties

• Coordinate ISO 27001 Audit Activities: Liaise, plan and coordinate ISO 27001 certification audits including coordination with auditors and control owners. Liaise with auditors to gather and evaluate evidence for ISO 27001 audits, drive remediation efforts and report on potential risks.

• Manage Information Security Program Documentation: Lead the process of reviewing and updating information security policy, standards, procedures, and related documentation. Provide Subject Matter Expertise and leadership in the areas of security policies, standards and related compliance.

• Provide Client Due Diligence Support: Respond to and complete client security questionnaires, requests for proposals, and requests for information.

• Security Awareness Content Creation and Oversight: Manage and coordinate updates to security awareness course content, periodic articles, and report / escalate delinquencies.

EDUCATION/CERTIFICATIONS

Required:

• Bachelor’s degree or equivalent work experience

Preferred:

• CISSP, CISA

• Master’s degree in a relevant field

TECHNICAL/SOFT SKILLS

Required:

• Technical writing

• Critical and structured thinking, formal analytic methods

• Ability to brief executives and a variety of stakeholders

• Solid understanding of security applied to OS, applications, networking, cloud, mobile, etc.

• Ability to perform under pressure and handle multiple priorities

EXPERIENCE

Required:

·       10+ years of information security experience

·       Experience and familiarity with the ISO 27001 standard

LEADERSHIP SKILLS

Required:

·       Required: strong leadership skills

·       Required: excellent conflict resolution skills

·       Required: excellent written and oral communication

Preferred:

. Management experience

You want your next step to be the right one. You’ve worked hard to get where you are today. And now you’re ready to use your unique skills, talents and personality to achieve great things. RSM is a place where you are valued as an individual, mentored as a future leader, and recognized for your accomplishments and potential. Working directly with clients, key decision makers and business owners across various industries and geographies, you’ll move quickly along the learning curve and our clients will benefit from your fresh perspective.

Experience RSM. Experience the power of being understood.