Job Description - 2021 - Information Security Manager (Hoptek Inc.) (003QL)
2021 - Information Security Manager (Hoptek Inc.)-003QL
Who are weAs a global consulting partnership in more than 40 countries, our people make us who we are. We’re individuals who take as much joy from those we work with as the work itself. Driven to be the difference between a big idea and making it happen, we help our clients break through.
Kearney is building a new and exciting global software organization that will make software technologies and software products a vital part of our value propositions to our clients. This first of its kind initiative, called Hoptek Inc., aims to solve complex network optimization problems. One such problem is the real-time allocation of assets to freight in a large transportation network to increase asset utilization, on-time delivery and overall fleet productivity. The career opportunities will range from leading innovative projects and doing advanced software algorithms research and development for our core clients to building entirely new software platforms started on the IP foundation we are accumulating.
The Hoptek Inc. team is rapidly growing and is looking for a Information Security Manager to join the team and play a critical role in the development of a portfolio of products which will have a significant transformative impact for our clients and the industries we serve.
RoleThe Information Security Manager will assume responsibilities for secure development and operation of a multi-tenant SaaS product. This involves creation and enforcement security policies for all stages of software development from concept to production. The Information Security Manager will be accountable for having security best practices in place across the organization without compromising productivity and reliability.
- Serve as primary point of contact for all aspects of product development and organizational information security needs
- Establish and document infrastructure, application and data security guidelines and communicate to all team members and stakeholders
- Create and provide information security training to current and new members of the team
- Work with the infrastructure manager to ensure that all infrastructure and solutions comply with security guidelines
- Assess current technology architecture for vulnerabilities, then design and implement risk mitigation strategies
- Create and execute information security audits, both internally and using third-party security services
- Perform threat management, threat modeling, identify threat vectors and develop monitoring scenarios
- Track and ensure compliance to Service Level Agreements (SLA), process adherence and process improvement targets
- Oversee technology upgrades, improvements and major changes to the product from perspective of information security
- Manage and configure physical security, disaster recovery, backup and archival systems
- Document and enforce compliance needs while handling all external data, including that of a multi-tenant SaaS solution
- Intellectual property retention and loss prevention
- Communicate information security goals and new programs effectively with other managers within the organization
Qualifications & Experience
- 8+ of experience managing information security for complex software product development efforts including SaaS applications
- Practical experience in various type of agile development projects
- Deep understanding and hands-on experience in securing and auditing cloud-based environments and solutions running on them
- Experience securing cloud-based SaaS infrastructure on AWS, Azure and/or Digital Ocean
- Knowledge of network architecture security
- Experience securing container based and serverless architectures
- An analytical mindset with problem-solving skills
- Experience with open-source tools and frameworks
- Software Skills. Docker, Kubernetes, Terraform, Linux shell, Python
- Cloud. Azure, AWS, Digital Ocean
- Agile, DevOps. Azure DevOps, Jira or similar solution for requirements management, productivity management, testing, CI/CD, etc.
- Security.Networking and telecommunications integration, hardware and software firewalls, SIEM tools, Splunk, Elastic, etc.
EducationBachelor’s or master’s degree in computer science, computer architecture, information technology and systems, or other appropriate technical subject from a top tier university
Equal Employment Opportunity and Non-Discrimination
Kearney prides itself on providing a culture that allows employees to bring their best selves to work every day. Our people can feel comfortable, confident, and joyful to do great things for our firm, our colleagues, and our clients. That’s why, Kearney is committed to building a diverse, unbiased and inclusive workforce. Kearney is an equal opportunity employer; we recruit, hire, train, promote, develop, and provide other conditions of employment without regard to a person’s gender identity or expression, sexual orientation, race, religion, age, national origin, disability, marital status, pregnancy status, veteran status, genetic information or any other differences consistent with applicable laws. This includes providing reasonable accommodation for disabilities, or religious beliefs and practices. Members of communities historically underrepresented in consulting are encouraged to apply.
Primary LocationAmericas-United States-Atlanta