Manager Information Security Architecture

Company: Verra Mobility
Location: Mesa
Posted on: June 21, 2022

Job Description:

Who We Are...Verra Mobility is a global leader in smart mobility. A combination of the global capabilities and talents of American Traffic Solutions (ATS), Highway Toll Administration (HTA), and Euro Parking Collection (EPC), the company develops technology-enabled solutions that help the world move safely and easily. Verra Mobility fosters the development of safe cities, working with police departments and municipalities by operating more than 4,000 red-light, speed, and school bus stop arm safety cameras in more than 200 jurisdictions across North America. The company also creates smart roadways, serving the world's largest commercial fleets and rental car companies to manage tolling transactions and violations for more than 8.5 million vehicles. Verra Mobility is a leading provider of connected systems, processing nearly 165 million transactions each year through connectivity with more than 50 individual tolling authorities and more than 400 issuing authorities. Arizona-based Verra Mobility Corp. currently operates in 15 countries and in 22 languages.Focused on solutions that help the world move safely and easily, Verra Mobility builds safe cities, smart roadways, and the connected systems that tie them together. The company is constantly looking toward the future, ensuring it creates relevant solutions today that will work tomorrow. Seeking to understand new customers, regions, and businesses that will shape tomorrow's smart mobility experiences, Verra Mobility strives to ensure more people around the world reach their destination safely and easily. Keeping its core principles front and center, Verra Mobility is fueled by relationships, driven by impact, guided by what's right, and energized by what's next.Position Overview:The primary responsibility of the Manager, Information Security Architecture is to help design, develop and implement enterprise security strategies. This position is also the highest-level technical manager responsible for managing both the Security Operations and Security Engineering Functions.Finally, the Manager, Information Security Architecture is responsible for monitoring and verifying that the network is appropriately protected from internal and external threats, while enabling the organization to work effectively and productively. The position evaluates the risk versus the business value to mitigate and make appropriate recommendations for the business.Essential Responsibilities:

• Assist with budgetary planning, design and architecture of the information security program.
  • Configure, deploy, fine tune, and monitor firewalls, proxies, security information and event management systems, intrusion detection systems, vulnerability scanners, multi-factor/strong authentication technologies, RADIUS servers, and logging servers.
    • Define global security policies, standards, guidelines and procedures to ensure ongoing maintenance of security.
      • Perform security audits of off-the-shelf and custom applications and infrastructure.
        • Stay abreast of industry best practices in risk management techniques and integrate new methods and tools as appropriate.
          • Monitor vendor and third-party security reports/lists and proactively patch vulnerabilities.
            • Engage with internal and external partners to help design, test, and implement state-of-the-art secure operating systems, applications, networks, and database products/solutions.
              • Assists in the planning, design and implementation of security measures created to safeguard access to resources, enterprise networks, computer systems, and data elements.
              • Serve as the information security subject matter expert by providing guidance and consulting services to MIS teams and business units on matters related to security.
                • Maintains proper documentation for all security products.
                  • Coordinate and lead technical security audits and assessments including but not limited to SOC2 Type2, ISO 27001 and PCI DSS.
                    • Lead security incident response activities as outlined in the company security incident response plan.
                      • Work closely with Information Security Risk and Compliance team, acting as a technical lead during internal and external audit engagements and supporting the GRC team as required. Gather technical evidence and speak to information security process and procedures aligned to audited controls and environments.
                        • Participate in IT systems and network architecture planning sessions with those teams as it relates to implementing information security practices, controls, tools and best practices. Qualifications:
                          • A bachelor's in computer science or related field OR a High School Diploma/GED and appropriate on the job experience in information technology and/or information security.
                          • Minimum of 5 years of experience as an information security engineer, security architect, security manager, IT systems administrator or other technical focused information security role.
                          • Information security industry certifications such as: CISSP, GSEC, GCED, GCIH, etc. are preferred.
                          • Experience with IT systems administration in medium to large enterprise setting is highly preferred. Prior IT helpdesk/MIS experience is a plus.
                          • Familiarity with Azure and/or AWS management and security capabilities and features such as Cloud Watch/Cloud Trail, Terraform, security hub, IAM, conditional access rules, Azure security center, event hubs, etc is a plus.
                          • Candidate should be familiar with common information security best practice standards such as the CIS critical security controls and OSWAP Top 10.
                          • Candidate should be familiar with industry standard security frameworks such as NIST 800-53, SOC2, ISO-27001/2 and PCI DSS. Aligned with Verra Mobility Values:
                            • Do What's Right - We're committed to doing the right thing for each other and for our customers - integrity is our DNA.
                            • Lead With Grace - We embrace the importance of our colleagues and customers and always treat them with kindness and grace.
                            • Own It - We foster a culture of accountability and excellence, where going the extra mile is standard practice.
                            • Win Together - We are ambitious and like to win, but we know we win more when we include others and work together.

Keywords: Verra Mobility, Mesa , Manager Information Security Architecture, Executive , Mesa, Arizona