Human Resources Cyber Security and Compliance Manager in St. Louis, Missouri
Have you wanted to play a vital role in building the cyber security program and ultimately own responsibility in leading the program in collaboration with the businesses, IT and 3rd party vendor partnerships? Do you have an advanced knowledge of Information Security principles and practices to drive the security of ARCO to be best in class? Do you act with integrity and hold yourself to the highest standards? If the answer is, “Yes!” then we have an exciting, long-term opportunity for you. Who are we? We are ARCO, The Design/Build Experts.
We are looking for a strong leader to step in as our Cyber Security and Compliance Manager in our corporate headquarters in St. Louis. You’ll be responsible for developing and delivering solutions that protect systems, applications and data through defined policies, practices and tools in our growing organization.
We are dedicated to the well-being of our associates and are proud to be consistently recognized as a Best Place to Work. Our compensation and benefits package not only supports our associates and their families but benefits local communities and communities around the world.
Industry-leading performance-based bonus program
Generously funded profit sharing
Traditional and Roth 401k
Tuition reimbursement for associates
Scholarship for associates’ children up to $28,000 per child
1-month paid sabbatical after every five years of employment, plus $5,000 for travel
1-week paid volunteer leave each year
100% charitable match
Medical, dental, and vision insurance coverage
100% paid 10-week maternity leave
At ARCO, our first core value is to treat people fairly and do the right thing. We are proud to be an equal opportunity employer, and all qualified applicants will receive consideration for employment.
Lead the implementation of a security initiatives and systems via well-defined plans including procedures, deadlines, and accountability.
Works with the members of the IT team on the architecture of IT applications and infrastructure assuring that security is maximized.
Develop, implement and maintain a Physical Security Program and Cyber Security Policies
Translate Information Security knowledge into actionable plans to protect enterprise assets
Provides the support, administration, and maintenance necessary to ensure effective and efficient information security
Responds to security incidents in a timely manner
Develop, maintain and exercise a security incident response plan
Performs administration of firewalls, intrusion detection and prevention systems, and SIEM solutions such as Splunk or LogRythm.
Develop and educate the IT organization in information security standards and best practices for common web applications and infrastructure.
Manage vulnerability responses by performing analysis, determining enterprise scope, impact and remediation of identified ad hoc vulnerabilities.
Stay up to date with various security vendors to support threat and vulnerability management across web, mobile and other infrastructure systems.
Responsible for developing, managing and periodic reporting of the security metrics to accurately track the current state of defenses, protections and performance
Provide recommendation and implement innovative solutions, modifications and enhancements to security training and awareness programs.
Develops and manages an information security operations center (ISOC), monitoring, assessing and defending the enterprise information systems, including websites, applications, databases, data centers, servers, networks, desktops and other endpoints.
Manages daily technical operations of the information security team.
Designs and oversees the execution of internal security testing methodologies and execution; conducts vulnerability testing and remediation on software, architecture and vendors.
Interact with senior management levels, which involves negotiating or influencing on significant matters
Ensure that effective tools and processes are in place to protect assets from the evolving threat landscape
Work with Infrastructure and Desktop support personnel to configure and deploy tools
Build procedures to administer the tools and monitor outputs
Stay abreast of new threats and continuously evaluate current processes and tool sets
Commit to continuous learning and networking with the larger cyber security community
Design processes and procedures to enable information technology personnel to conform with the compliance framework
Work with leaders outside of IT to design processes and procedures for operational business units’ compliance.
Be accountable for periodic testing and auditing of compliance
At least 5 years of demonstrated experience in some of the enterprise security functions such as, Security Compliance framework, Identity & Access Management, Cloud Security, Vulnerability Management, Firewalls, Antivirus, Penetration testing and other related functions
Strong knowledge of information systems security components and best practices including: firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques and practices
Knowledge of industry standard best practices with regards to security
Working knowledge of Microsoft Active Directory, Microsoft Windows Operating Systems and Microsoft Exchange, Microsoft Azure, Office 365, Cisco Meraki
CISA: Certified Information Security Auditor
CRISC: Certified in Risk and Information Systems Control
CISSP: Certified Information Systems Security Professional
CISM: Certified Information Systems Manager
We are one of the fastest-growing, privately owned companies in America, completing over 4,000 design/build projects across 48 states. We ranked #15 out of the top 100 design/build companies in the U.S. and #49 on the ENR Top 400 Contractors list of 2018. Most importantly, our clients like us, they trust us and want to do business with us. We are looking for people with the same enthusiasm, passion, and respect for hard work that brought us to where we are today. Are you a person that can make a difference at ARCO? If the answer is, “Yes!” we look forward to meeting you.
ARCO does not accept unsolicited resumes from individual recruiters or third party recruiting agencies without pre-approval from ARCO’s Human Resource team. Pre-approval is required before any external candidate can be submitted. ARCO will not be responsible for fees related to unsolicited resumes and for candidates who are sent directly to our hiring managers.
Company: ARCO Business Services
External Company Name: ARCO Construction
External Company URL: www.arco1.com
Street: 900 N Rock Hill Rd.