IS Program Manager - ISO 27001 Cybersecurity- 249418

Job Description

IS (Information Security) Program Manager: Remote/Home Office approved

Roles and Responsibilities:

The primary responsibilities of this position are focused on ensuring that all departments meet the International, Federal, State and Local compliance requirements with which management has determined they should comply. This includes providing direction and procedures to work groups to ensure that all departments can be certified in various Information Security and Data Privacy compliance certifications. Perform internal audits to ensure compliance. Work with external auditors to provide requested information and ensure audit success.

Directs programs, policies, and practices to ensure that all business units are in compliance with financial, legal, human resources, security and operational policy and reporting regulations. 

Tracks laws, regulations and compliance standards that might affect the organization's policies and implements necessary changes. 

Develops organizational compliance strategies by contributing information, analysis, and recommendations to strategic thinking and direction of corporate objectives.

Demonstrates expertise in a variety of the field's concepts, practices, and procedures. Typically reports to top management.

Manages a departmental sub-function within a broader departmental function by performing internal audits to ensure compliance adherence. 

Creates functional strategies and specific objectives for the sub-function and develops budgets/policies/procedures to support the functional infrastructure. 

Assists sales and marketing with proper presentation of corporate compliance initiatives.

Organizes and facilitates responses to customer requests for compliance information and/or compliance audits.

Deep knowledge of the managed sub-function and solid knowledge of the overall departmental function. 

Implementation, operation and maintenance of the Information Security Management System based on the ISO 27001 standards, including certification.

Performs information security risk assessments and assesses the control environment of the business processes and applications under review, including both manual and automated processes, in accordance with the information security program.

Develops remediation and corrective action plans with related governance and operational functions (such as Physical Security/Facilities, Risk Management, IT, HR, Legal and Compliance) plus senior and middle managers throughout the organization as necessary.

Develops supporting information security awareness, training, and educational material.

Minimum Requirements:

• Bachelor’s Degree preferably in Information Assurance, Risk Management, or Networking

• At least 5 years of working with ISO 27001:2013, 27004:2016, 27005:2018, 27006:2015, 27017:2015, 27018:2019, 19011:2018, SSAE 16/18, and SOC 2 Type 1 and 2, and expertise in applying the standards to office environments

• 2 to 5+ Years of executing IS Management Systems in multi-site international environments

• At least 5 years in the field including at least one ISMS development and deployment

• Experience developing business centric policies and procedures based on the standards for a non-manufacturing environment 

• Able to interface with all levels of the organization

• Ability to get work done through a network of volunteers

• Ability to influence decision makers through well-founded presentations and discourse

• Excellent interpersonal, communication and analytical skills 

• Well-developed writing skills, especially when creating clear and concise procedures

• Ability to manage multiple projects/tasks and work independently with minimal supervision

• Proficient in MS Office (Word, Excel, PowerPoint, and Access) 

• Demonstrated ability to recognize, evaluate, and recommend controls for workplace hazards

• Effective critical thinking and problem-solving skills

• Position requires up to 20% travel

• Understanding of risk management, threat assessment and risk treatment actions is critical.

NOTE: Qualified Applicants must be legally authorized for employment in the United States. Qualified Applicants will not require employer-sponsored work authorization now or in the future for employment in the United States.

Organization: Digital Industries

Company: Siemens Industry Software Inc.

Experience Level: Experienced Professional

Job Type: Full-time

Equal Employment Opportunity Statement
Siemens is an Equal Opportunity and Affirmative Action Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to their race, color, creed, religion, national origin, citizenship status, ancestry, sex, age, physical or mental disability unrelated to ability, marital status, family responsibilities, pregnancy, genetic information, sexual orientation, gender expression, gender identity, transgender, sex stereotyping, order of protection status, protected veteran or military status, or an unfavorable discharge from military service, and other categories protected by federal, state or local law.

EEO is the Law
Applicants and employees are protected under Federal law from discrimination.

Pay Transparency Non-Discrimination Provision
Siemens follows Executive Order 11246, including the Pay Transparency Nondiscrimination Provision.

California Privacy Notice
California residents have the right to receive additional notices about their personal information.