Manager Information Security
Working at Breeze Airways is an exciting endeavor and a serious commitment to bring “The World’s Nicest Airline” to life. We work cross-functionally with truly awesome Team Members to deliver on our mission: “To make the world of travel simple, affordable, and convenient. Improving our guests travel experience using technology, ingenuity and kindness.”
Breeze is hiring- join us!
The Manager of Information Security is responsible for coordinating security practices across Breeze Airways teams The expert in this role will lead the cyber security efforts which will ensure that the organization’s applications and services are implemented with security and compliance as a top priority.
Here’s what you’ll do
- Stay current on industry trends and emerging cybersecurity risks.
- Develop and maintain cybersecurity Breeze-specific programs per leading standards i.e. NIST, CSF, and ISO.
- Lead assessments of current security technology and authentication systems and evaluate against Federal and State Information Protection and Privacy regulations.
- Develop and advance information security policies, standards, and procedures in conjunction with the application and technology teams responsible for the configuration and operation of the day-to-day system.
- Lead the assessment and review of new and existing technology infrastructure to identify key risk areas and ensure adequate levels of control are in place to address those risks and develop risk mitigation techniques and processes to ensure that all reviews as actionable by the system manager and the operations Team Members.
- Lead the consultative process and advise Team Members in information technology departments to coordinate information security activities.
- Develop and lead activities supporting the Risk Management process such as data classification and security controls maintenance.
- Update skills as necessary to support Information Security and remain knowledgeable of industry standards and advancements.
- Assist with the design and administration of Cyber Security Awareness Training, including reporting.
- Assist with the coordination and remediation of found vulnerabilities.
- Develop presentations and other materials to communicate Cyber Security initiatives to all Team Members and leadership teams.
Here’s what you need to be successful
The application security engineer is a leadership role. It requires collaboration with other teams, as well as the executive team. You must enjoy working with others while analyzing system services, spotting issues in code, networks, and applications from a security perspective, and have troubleshooting skills to recognize security issues that appear under new threat scenarios.
- 8+ years of experience in technology or IT risk management
- Proven track record in risk management, preferably in the audit or compliance activities, technology, or other pertinent control functions
- Proficient in architectural design principles, cyber threat assessments, and the software development life cycle
- Proficient with firewalls, endpoint security, mobility management, and vulnerability scanning
- Understanding of different control structures (e.g., FFIEC, PCI, NIST)
- Ability to build effective working relationships with teammates, coworkers, and external organizations who are spread out geographically and from different cultural backgrounds.
- Demonstrated aptitude for analysis and problem-solving.
- Excellent communication skills in writing, speaking, and presenting.
- Outstanding interpersonal, negotiation, and persuasive abilities
- Strong organizational skills and the capacity to multitask successfully.
- Manage the operational, technological, and legal risks associated with the business.
- Establish proper governance to control and proactively spot problems and changes in the underlying systems’ risk profile.
- Help application, product, and information owners understand the overall risk profile so that the proper controls may be introduced.
- Collaborate with other control roles, such as software developers, business control managers, compliance, internal audit, and external regulators.
- Proactively identify, assess, and manage inherent risks in our system and promote a risk-mitigating culture.
- Oversee regulatory and firm policy requirements for a wide range of technologies.
- Drive control optimization, education, process efficiency, and better client experience to foster innovation and develop the environment for technology control.
- Identify threats, risks, and relevant mitigation methods to support risk decisions and carry out security risk assessment operations.
- Provide clear direction to business, product, and technology stakeholders so they can manage their risks effectively.
- Contribute to the creation of a culture of risk and control that is centered on proactive awareness of and enhancement of the control environments.
- Security Clearance (current or previous)
- Certifications like CISSP, CRISC, CISA, CISM, and CCSP
Perks of the Job
- Health, Vision and Dental
- Health Savings Account with Breeze Employee Match
- 401K with Breeze Employee Match
- Travel on Breeze and other Airlines too!
Breeze Airways provides equal employment opportunities to all Team Members and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. This policy applies to all terms and conditions of employment, including recruiting hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Breeze Airways will never request your Social Security Number, Driver’s License or Date of Birth on our job postings. Job Postings requesting any or all of this information should be regarded as a scam. To ensure you are applying to an actual Breeze Airways posting, please apply online at www.flybreeze.com then click “Careers” at the bottom of the page.