As a remote Information Security administrator, you are primarily responsible for protecting an organization’s data and maintaining its security systems against potential threats or risks. This includes a combination of strategic planning and day-to-day operations, which can range from developing security policies and procedures to managing a team of Information Security professionals to responding to security incidents.
Working remotely in this role means you will be expected to perform these duties from a home office or other non-traditional work environment.
We are the market leader in travel management: We help people and companies travel smarter and achieve more, and our clients include some of the world’s best-known and most innovative business and consumer brands. We operate in more than 100 countries, and most of our 10,000+ people work virtually (because a 10-second commute usually makes a lot of sense). We are committed to sustainability and supporting the success of our customers, our business and ourselves. Learn more about BCD Travel.
- Develop and implement the organization’s information security strategy and program.
- Oversee the identification, assessment and communication of security risks.
- Manage a team of information security professionals.
- Coordinate with IT and other departments to align security initiatives and policies.
- Respond to security incidents and breaches and conduct investigations as necessary.
- Facilitate security audits and manage relationships with external vendors and auditors.
- Maintain up-to-date IT security knowledge, including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
- Implement and manage security awareness training for all employees.
- Monitor, advise and comply with applicable security laws and regulations.
Required qualifications and experience:
- Certification or training relevant to the security industry such as CISA, CISM, CISSP
- Training on OWASP ASV, NIST 800-63, PCI-DSS, ISO-27001, etc.
- Knowledge of security and privacy frameworks such as PCI-DSS, NIST, SOC2, ISO-27001, GDPR, etc.
- Experience with security and legal principles (minimum 5 years)
- Managerial experience (minimum 2 years)
- Knowledge of text editor, spreadsheet, presentation and email software is required
- Technical background that enables the design of applications and infrastructure in accordance with regulatory and internal compliance requirements
- Attention to detail
- Certified as PCI-DSS ISA or QSA or ISO-27001 lead auditor
- Consulting background with experience in external IT audit
As this is a remote position, you will be working from your own space, which should be a quiet, distraction-free environment with a reliable internet connection. You will need to be available during company business hours and occasionally outside of business hours for emergencies or pressing issues.
- Flexible working hours and options to work from home or remotely
- Opportunities to grow your skills and career
- Christmas holidays so you can rest and recharge
- A compensation package that feels fair to you, including tools for mental, physical and financial well-being
- Professional benefits and discounts in the tourism industry
- An inclusive work environment where diversity is celebrated
- $128,000 – $162,000 per year is the estimated salary for this role at Remote.
Job type:
- Full time
Place of work:
- United States
What is the role of an information security manager and how do they keep our information safe?
The information security manager is responsible for identifying, assessing and mitigating risks to the organization’s information security. They design and oversee the implementation of a comprehensive security strategy that protects confidential data from unauthorized access. This includes setting up systems to detect potential threats, deploying robust encryption standards, ensuring compliance with regulations and laws, and staying current with the latest security enhancements. Through all of this, they work to keep our sensitive information safe.
Can an information security manager work remotely and what are the benefits of working remotely in this area?
Of course, information security managers can work remotely with the flexibility to set their own hours and work from anywhere. Benefits of telecommuting in this area include better concentration and productivity, more control over the work environment, and increased flexibility in terms of scheduling. In addition, telecommuting can help reduce costs associated with travel expenses.
What are the key responsibilities of an information security manager?
Key responsibilities of an information security manager include planning, implementing and overseeing security measures to protect sensitive data, monitoring the performance of security systems, ensuring compliance with all relevant laws and regulations, coordinating security activities with other departments within the organization, responding to cyber issues, incidents or extraordinary events, and managing teams of information security personnel.
What are the three essential skills required of a security manager?
An information security manager should have a good understanding of risk management, data protection and compliance. They should also have exceptional organizational and communication skills to effectively manage personnel, training programs, safety policies and procedures. Finally, they must be able to develop strategies to prevent malicious attacks, identify potential security threats and respond quickly to any security breach.