Digital Solutions - Information Security Governance & Communications Manager
Who We Are
There has never been a more exciting time to join the Digital Solutions business unit at CACI LTD. CACI helps clients transform their businesses using data and technology to prepare for current and future challenges.
Essential Duties And Responsibilities
We are seeking a highly skilled Information Security Governance & Communications Manager responsible for continually improving the security posture and awareness within our client’s organization. This role involves overseeing all aspects of cybersecurity, including risk assessments, vulnerability management, and integrating security best practices into the software development lifecycle. The candidate will collaborate with the Information Security Team to ensure application compliance with relevant standards and regulations.
A key part of the role is managing communication and reporting functions, providing updates to senior management, stakeholders, users, and development teams on security risks, remediation efforts, and overall security posture. The officer will also lead security audits and assessments and work with cross-functional teams to implement security improvements.
Key Responsibilities
Application Security Management
* Ensure applications adhere to security policies and standards, complying with industry regulations and internal policies.
* Support security assessments, including vulnerability testing, penetration testing, and risk assessments.
* Work with technical teams to embed security best practices into the SDLC, including secure coding, testing, and threat modeling.
* Monitor and manage security incidents related to applications, ensuring timely resolution.
* Align application security controls with standards such as GDPR, ISO 27001, PCI DSS, etc.
Stakeholder Communication & Reporting
* Communicate security risks, vulnerabilities, and remediation efforts to stakeholders.
* Prepare and present security reports to senior management, highlighting application security status, risks, and compliance metrics.
* Act as liaison between security teams and application stakeholders to ensure alignment.
* Manage relationships with third-party vendors, ensuring compliance with security standards.
* Coordinate with auditors, review audit reports, and track findings.
* Participate in the Quality and Security forum and promote awareness of security policies and practices.
Essential Skills
* Strong attention to detail and ability to produce precise reports under tight deadlines.
* Experience in enhancing application security, aligning with standards like OWASP, Cyber Essentials, ISO 9001.
* Ability to handle confidential information and work under pressure with multiple stakeholders.
* Excellent communication skills for managing internal and external relationships.
* Ability to provide clear feedback on audit findings to executives.
* Organized, diligent, with strong planning skills.
Experience
* 5-7 years in information security, with at least 3 years in application security.
* Proven track record managing security across large application portfolios.
* Knowledge of security frameworks and compliance (NIST, ISO 27001, GDPR, PCI-DSS).
* Strong leadership skills to manage teams and security projects.
Other Details
* Pay Type: Salary
* Start Date: 02 December 2024