The Sr. Security Program Manager oversees the Information Security Governance, Risk, Compliance team and reports to Lennar’s Chief Security Officer. This role is responsible for the management of various security programs supporting Lennar’s business objectives, including but not limited to developing and managing security governance, risk and compliance frameworks; implementing effective security awareness capabilities; and managing physical security, crisis management and continuity of business programs in order to achieve Lennar’s business imperatives. This role is also responsible for overseeing the execution and budgeting processes for all security projects in support of the security engineering and operations teams.
The Sr. Manager will be accountable for defining a comprehensive risk and compliance management framework and associated policies and processes, overseeing risk and compliance assessments, managing the risk response process, developing metrics and championing risk reduction initiatives across Lennar’s business units.
The Sr. Manager will collaborate closely with members of the Enterprise Security Office, internal and external auditors, Security Architecture, IT Operations, Project Management Office, and IT Governance teams to ensure that risk is appropriately addressed, tracked and reported to business stakeholders, and that security projects are tracked to provide regular status and service level reports to executive management and the Chief Security Officer. The aim is to achieve and maintain a security posture commensurate with the risk tolerance of the organization and to meet business objectives and regulatory requirements.
- Develop and oversee information security program and strategies that align with business goals and protect the confidentiality, integrity and availability of Lennar’s information assets.
- Responsible for the identification, analysis and assessment of information risk and compliance scenarios.
- Manages the work of the Information Security Governance, Risk Management and Compliance (GRC) team, which is responsible for analyzing and implementing Information Security and Risk and Compliance Management frameworks, policies, standards and best practices.
- Manages the work of the Security Awareness, Physical Security, Crisis Management and Business Continuity team, which is responsible for the implementation of Information Security Program frameworks, policies, standards and best practices.
- Develop reporting capabilities to communicate the progress, program activities, and results to Lennar management, stakeholders and the Chief Security Officer.
- Responsible for the education, implementation, and consultation of technology risk management practices with key stakeholder groups across the enterprise.
- Support and coordinate internal and external audits for the areas of Security Risk Management.
- Oversee the Security Vendor Management Program to ensure 3rd party risks are managed according to best practice and organizational risk appetite.
- Responsible for promoting enterprise-wide business continuity, cyber and physical security awareness programs.
- Hire and train new staff members, conduct performance reviews, provide leadership and coaching, including personal and professional development.
- Manage the Enterprise Security Office portfolio of services budgeting process. Identify and evaluate cost reduction opportunities.
- Work closely with the Project Management Office to ensure the effective execution of security projects and programs.
Education and Experience Requirements:
- Minimum 10-15 years of experience with a proven record of developing and managing information technology and security programs in mid- to large-scale enterprise environments.
- Master’s degree in Computer Science, Information Systems Security or related field is required. Doctorate degree a plus.
- Certified Information Systems Security Professional (CISSP) or Certified in Risk and Information Systems Controls (CRISC) certification required.
- Certified Information Security Manager (CISM), Certified Chief Information Security Officer (C|CISO), and Certified Business Continuity Professional (CBCP) highly desired.
This is primarily a sedentary office position which requires the Security Risk and Compliance Manager to have the ability to operate computer equipment, speak, hear, bend, stoop, reach, lift, and move and carry up to 25 lbs. Finger dexterity is necessary.
- Experience engaging executive-level leadership and stakeholders to establish strategic plans for programs and projects.
- Experience developing and implementing frameworks and processes to drive a risk-based approach to information security incorporating best practices such as ISO and NIST standards.
- Demonstrate strong knowledge in IT controls, risk assessments, and the design and testing of security measures.
- Be a thought leader in Information Security, Risk and Compliance Management and align initiatives with business objectives of the company.
- Conduct analysis and trending (reports, dashboards, etc.) on progress or events affecting the Lennar environment and information security in general.
- Considerable writing proficiency, oral presentation skills, problem solving and decision-making skills.
- Excellent verbal and written communication skills, including executive-level presentations.
- Ability to deal effectively with a wide range of vendors, service providers, and regulatory agencies.
- Ability to facilitate productive meetings and work successfully in a team-oriented environment.
- Ability to exercise sound judgment in complex situations.
- Have the ability to handle multiple competing priorities in a fast-paced environment.
- Strong commitment to customer service.
- Results oriented, high energy, self-motivated.
- Ability to work well under minimal supervision.
- Some travel may be required for internal, conference, customer, partner and vendor meetings.
- Can conform to shifting priorities, demands and timelines through analytical and problem-solving capabilities.
- Reacts to project adjustments and alterations promptly and efficiently.
- Ability to read communication styles of team members who come from a broad spectrum of disciplines.
- Persuasive, encouraging, and motivating.
- Ability to elicit cooperation from a wide variety of sources, including upper management, clients, and other departments.
- Ability to effectively prioritize and execute tasks in a high-pressure environment is crucial.
- Flexible during times of change.
- Ability to defuse tension among project team, should it arise.
- Ability to bring project to successful completion through organizational dynamics.
- Strong written and oral communication skills.
- Strong interpersonal and operational skill sets.
- Strong customer service skills and focus required.
- Tenacious, driven, energetic and a high degree of professional integrity.
This description outlines the basic responsibilities and requirements for the position noted. This is not a comprehensive listing of all job duties of the Associates. Duties, responsibilities and activities may change at any time with or without notice.