Donaldson Information Security Operations Manager in Bloomington, Minnesota

Title: Information Security Operations Manager Location: Bloomington Other Locations: null

The information security operations manager is a critical member of the Information Risk Management team. In this position, you will act as an interface between the strategic and process-based activities and the work of the technology-focused analysts, engineers and administrators in the IT organization. You will also be responsible for coordinating the IT organization's technical activities to implement and manage security operations.

In order to be successful in this position, you will need a strong technical background, as well as an ability to work with the IT organization and business management to align priorities and plans with key business objectives. You willl act as an empowered representative of the Information Risk Management leader during IT planning initiatives to ensure that security measures are incorporated into strategic IT plans and that service expectations are clearly defined.

Non Technical:

Demonstrated ability to create and implement a security operations center.

Strong leadership skills with the ability to build effective teams that work effectively at all levels of the organization.

Strong grasp of the value of investment in terms of costs, benefits and strategic value.

Proven ability to identify and respond to security incidents, both technical and non-technical.

Must be a great communicator, articulate and persuasive.

Proven ability to negotiate with internal and external partners, demonstrating organization agility.

Technical:

Experience developing and maintaining policies and associated standard operational procedures.

Experience with common information security management frameworks, such as International Standards Organization (ISO) 2700x, the IT Infrastructure Library (ITIL) and NIST.

Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies.

Demonstrated ability to analyze security requirements and relate them to appropriate security controls.

Familiarity with the principles of cryptography and cryptanalysis.

Experience in application technology security testing (white box, black box and code review).

Experience in system technology security testing (vulnerability scanning and penetration testing).

Demonstrated ability to develop a holistic security operational metrics dashboard for all levels of the organization, based on related key performance indicators.