• Compliance and Security Manager

    Job Post Information* : Posted Date 1 month ago(4/20/2018 11:26 AM)
    # of Positions
    Work Location (City/State)
    Detroit, MI
  • Who We Are


    Every day, our solutions affect people throughout the world. From Fortune 100 companies to start-ups, GalaxE develops and implements strategic projects that are critical to the success of customers’ businesses and the lives of tens of millions of people.


    For over twenty-five years, we have grown and evolved into a multi-national firm that employs over 2000 team members worldwide. But we’re not done evolving. It took collaboration and innovation to get here, and it takes collaboration and innovation to get where we (and our customers) want to be tomorrow.  


    What does this mean for our employees? They have the security of an established company, with the benefits of working for a company where great minds, hard work, leadership and innovation are highly regarded and rewarded.


    As Thomas Edison said, “There’s a way to do it better – find it”. We want our employees to find it.


    We’re looking for creative people, with an entrepreneurial spirit, looking to work on awesome projects! Sound like you? Come work with us! Find out for yourself what it means to be part of the GalaxE team.


    It’s not always easy, but important work never is. #WeAreGalaxE


    Equal Opportunity Employer/Veterans/Disabled

    What You Will Do


    • Responsible for overall physical and asset security enterprise wide
    • Oversees Information Security Programs, Framework, and Methodologies
    • Responsible for the assisting and verifying the Enterprise Security Teams and reports all pertinent information up to the Director of IS Operations
    • Performs security risk assessments for facilities, personnel, applications, infrastructure, and vendor/third parties
    • Performs vulnerability assessments to ensure the technical and physical security of GalaxE Information Technology assets, as well as assess third party vendors
    • Responsible for review of technical security requirements, and supports the review, approval and tracking of security exceptions and remediation
    • Develops and implements information security standards, processes and procedures, and guidelines for the enterprise
    • Ensures and monitors security compliance against industry and government rules and regulations
    • Coordinates with technology and business groups to assess, implement, and monitor information security risks/hazards
    • Continually improve the Information Security Incident Response Plan and manages the execution of the plan should an incident occur
    • Reports security performance globally against established security metrics
    • Manages the information security awareness program to ensure staff members across the organization understand the policies and procedures related to information security
    • Integrates legislated compliance requirements that impact Point-of-Sale security and IT services/general controls, including Sarbanes Oxley Section 404 requirements, Personally Identifiable Information (PII) and Health Insurance Portability and Accountability Act (HIPAA)
    • Researches and evaluates new information security technologies; maintains awareness of trends in state-of-the-art technologies in the Information Technology Security Administration disciplines; conducts and participates in the review, evaluation, and recommendation of software products, productivity tools, and external services; possesses advanced knowledge of information assurance technologies and principles
    • Audits and reviews all information security issues in the organization, partners with other organizations on information security issues (such as Asset Protection and Legal), and manages all information security incidents and threats – both internal and external
    • Maintains relationships with local, state and federal law enforcement and other related government agencies
    • Oversees incident response planning as well as the investigation of security breaches, and assists with disciplinary and legal matters associated with such breaches as necessary
    • Creates workplace violence awareness and prevention programs and prioritizes security initiatives
    • Works with outside consultants as appropriate for independent security audits
    • Maintain and improve policies and procedures regarding areas such as business continuity planning, loss and fraud prevention, and privacy
    • Develop and strengthen procedures to ensure physical safety of employees and visitors
    • Enforce and improve network access and monitoring policies
    • Conducts audits using industry standard tools to find holes in security platform and report security performance against established security metrics
    • Supports all corporate policies, procedures, and quality & confidentiality standards as outlined in The GalaxE Group Employee Guide
    • Review contractual requirements from a security perspective and enact controls as needed.
    • Other duties as assigned


    Skills and Experience You Will Need

    Required Skills:

    • 5+ years of experience in an information security role
    • 2+ years of managing a security team or group
    • ITIL Basics Certification Mandatory
    • Certified Information Security Manager (CISM) preferred
    • Certified Information Systems Auditor (CISA) Preferred
    • Certified Ethical Hacker (CEH) desirable
    • Experience with Symantec security products mandatory
    • Experience reviewing MSA and other contracts mandatory
    • Experience with Kali Linux and other Auditing and threat detection tools mandatory
    • Understanding of Cisco networking a plus
    • Ability to travel within the US as needed
    • Ability to manage multiple tasks simultaneously
    • Strong analytical and problem solving skills
    • Strong communication skills
    • Strong organization, leadership, and time management skills
    • Ability to work in a team environment without supervision



    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed