Job Description

Rea is a growing Top 100 business advisory & accounting firm providing our clients services in tax, accounting, and business consulting.

We have a ‘People First’ culture and we focus on our employees’ well-being and professional development. With over 400 professionals and locations throughout Ohio, our firm has a culture that respects a work-life balance for our team. We also provide competitive compensation and a robust benefits plan.

The Information Security Manager is responsible for overseeing and improving the firm’s information security program to protect systems, data, and infrastructure. This role focuses on managing security risk, compliance, incident response, and continuous improvement of security posture. The Information Security Manager collaborates cross-functionally with IT and other business and practice areas to implement effective security controls and foster a culture of security awareness.

Responsibilities

- Develop, implement, and maintain the firm’s information security program and initiatives roadmap
- Develop, implement, maintain, and monitor security policies, procedures, and standards in alignment with industry best practices and regulatory requirements
- Conduct regular risk assessments, vulnerability scans, and security reviews to identify and mitigate potential threats and vulnerabilities
- Identify, build, and implement data protection processes and technologies
- Work with the firm’s third-party service providers to help manage firm information security risk
- Coordinate the firm’s incident response efforts, including investigation, documentation, communication, and post-incident analysis
- Evaluate and recommend security tools and technologies to enhance protection and visibility
- Manage the third-party risk program, including vendor security assessments and reviews
- Maintain compliance with applicable laws, regulations, and contractual obligations by leading audits, gap analyses, and remediation efforts
- Lead security awareness training initiatives and phishing simulations to educate employees and promote secure behavior
- Collaborate with IT teams to ensure secure configuration and management of systems, networks, and cloud environments
- Track, report, and present security metrics to leadership and stakeholders
- Serve as the internal subject matter expert on cybersecurity, privacy, and data protection
- Other duties as assigned

Knowledge, Skills, and Abilities

- Expert-level understanding of information security risks and controls, including the zero-trust model
- Advanced knowledge of information security audit and assessment methodologies and best practices
- Expert-level knowledge of information security frameworks, risk management, and incident response
- Strong experience with security tools and platforms (e.g., vulnerability scanners, firewalls, endpoint protection)
- Strong understanding of security principles in cloud (e.g., Azure, AWS), on-prem, and hybrid environments
- Thorough understanding of compliance programs (e.g., SOC 2, HIPAA)
- Ability to stay current with emerging technologies and architectures
- Solid understanding of IT enterprise architecture in a security context
- Highly self-motivated
- Exceptional written, oral, interpersonal, and presentational skills
- Strong analytical and trouble-shooting abilities
- Keen attention to detail
- Ability to effectively prioritize and participate in simultaneous projects of moderate to high complexity
- Knowledge of analysis, requirements gathering, and industry best practices and tools
- Ability to effectively communicate between business and IT stakeholders
- Ability to use discretion and handle confidential information

Requirements

- Post-secondary education in the field of computer science, information systems, networking, information security, or related discipline
- 5+ years of full-time work experience in cybersecurity, information security, or information technology: CISSP, CISM, CISA, Security+ certification

Benefits

Rea offers a wide variety of benefits to help support our employees' health, wellness and financial goals.

- Health Care Plan (Medical, Dental & Vision)
- Retirement Plan (401k)
- Life Insurance (Basic, Voluntary & AD&D)
- Paid Time Off (Vacation, Sick & Holidays)
- Four (4) weeks PTO
- Twelve (12) paid holidays, of which three (3) are floating holidays
- Family Leave (Maternity, Paternity)
- Short Term & Long Term
- Training & Development
- Wellness Resources

Rea does not accept unsolicited resumes from individual recruiters or third-party recruiting agencies without pre-approval from Rea’s Talent team. Pre-approval is required before any external candidate can be submitted. Rea will not be responsible for fees related to unsolicited resumes and for candidates who are sent directly to our hiring managers.