Talking Stick Resort
IT SECURITY MANAGER – Talking Stick Resort
Department: Information Technology
Reports to: Director of Information Technology
Summary
The IT Security Manager oversees the development and operations of enterprise security policies, procedures, and solutions, and establishes governance through policy, architecture, and training processes. The role directs security‑related projects, interfaces with the Project Management Office, Network, Help Desk, and Applications departments, and collaborates with business units to elevate security posture.
Essential Duties and Responsibilities
Develop, maintain, and publish corporate‑level information security standards, procedures, and guidelines, including compliance monitoring procedures.
Design, review and implement security structures to support data and system security needs.
Oversee and measure the success of the change management program and ensure readiness of changes.
Work with technical and business leadership to establish, implement and maintain adequate network perimeter protection.
Oversee continuous monitoring of cyber security activities including penetration testing and vulnerability management.
Implement and maintain security controls in alignment with CIS and NIST Cyber Security Framework.
Support and optimize IAM Architecture with implementation of IAM projects.
Ensure applications are developed and deployed in alignment with privacy principles.
Provide thought leadership and technical guidance on systems management, operations and best practices.
Review project deliverables for security architecture impact and work with PMO to enforce compliance.
Enforce department policies, gaming compact, tribal gaming agency laws, HIPAA, PCI‑DSS and third‑party compliance.
Implement training programs for applications and onboarding for all employees with data access.
Promote information security awareness across all enterprise locations.
Education and Experience
Bachelor's degree in Computer Science or related field, or equivalent technical certifications and education.
Minimum 2 years of management experience with an IT Security team.
Minimum 3 years of experience creating, updating, and managing security‑related policies and procedures.
Minimum 1 year of experience negotiating technical support contracts and managing third‑party contractors.
Substantial experience (≥3 years) leading information security in a medium or larger business.
Working knowledge of PCI‑DSS and HIPAA regulations.
Ability to manage multiple concurrent projects, activities, and tasks.
Preferred Experience and Skills
Direct project management experience, including process development and execution.
Experience managing network infrastructure, communications devices, protocols, servers, and endpoint technologies.
Experience driving security awareness programs organization‑wide.
Facilitation of change management board meetings.
Understanding of identity and access management technologies (SSO, SAML, federation).
Hands‑on experience with SIEM, firewalls, IDS/IPS, and perimeter security.
Experience with NIST 800‑53, NIST CSF, ISO27001/2 frameworks.
Certifications
Candidate should possess active certifications such as CISSP, CISM, or CGEIT, and maintain deep knowledge of Cisco, Microsoft, Oracle, and other security technologies.
Language Skills
Read, write, speak, and understand English.
Physical Demands
Requires standing for prolonged periods, walking, use of hands and fingers, reaching, climbing, stooping, and lifting up to 25 pounds. Vision requirements include close, distance, color, peripheral, depth perception, and ability to adjust focus.
Work Environment
Exposure to secondary smoke; noise level moderate to loud.
Seniority level: Mid‑Senior level
Employment type: Full‑time
Job function: Information Technology
Industry: Hospitality