Information Security Management Systems (ISMS) Manager

EdgeConneX® is the only global Edge Data Center® provider. Creating purpose-built, edge-of-network infrastructure solutions that extend the internet’s reach, EdgeConneX enables the fastest and most secure delivery of content, cloud services and applications. Edge Data Centers host bandwidth intensive and latency sensitive data closer to end-users, establishing a more secure, reliable and cost effective distribution model for the internet. For more information, please visit our EdgeConneX Internet of Everywhere®.

Information Security Management Systems (ISMS) Manager

The ISMS Manager is responsible for leading the ISMS management framework cross-functionally and serving as the Company subject matter expert regarding security and compliance both internally (EdgeConneX) and externally (Customers & Industry). The role directs others to implement and operate information security controls and directives of senior management while maintaining compliance with industry standards and regulatory requirements.  The successful candidate will lead the information security management program, following ISO/IEC 27001; 2013, in addition to maintaining overall audit-readiness for ISO 27001 certification, SOC 2 Type II engagements, PCI-DSS, HIPAA, and EU-US Privacy Shield. as required by the business and our Customers.

Duties

  • Interpretation of ISMS requirements and implementation for EdgeConneX and at EdgeConneX Edge Data Centers
  • Definition of ISMS processes, functions, responsibilities, and activities
  • Ownership, creation and maintenance of the ISMS and compliance documentation
  • Assignment and management of ISMS and compliance activities
  • Supplier security, identity and access management, and information asset oversight
  • Reviews and approves security processes
  • Create and maintain the network & information governance matrix
  • Maintains information security specifications
  • Provides security and compliance consultation to all business functions
  • Provides sales support and acts as a key customer contract for security and compliance questions.
  • Creates and maintains process framework
  • Creates and maintains domain recovery objectives and specifications
  • Create and validate test plans
  • Evaluates system conformance
  • Manage annual certification portfolio audits, corrective actions, and third party audit vendors
  • Proactively monitor and inspect key security performance indicators

 

 

Knowledge, Skills & Abilities

  • 5+ Years’ experience as ISMS Manager or equivalent information security role
  • Full understanding of ISO 27001:2013 and compliance assurance audits such as SOC 2 Type II, PCI-DSS, HIPAA, and US-EU Privacy Shield
  • Effective oral and written communication skills
  • Strong attention to detail, superb organizational skills and ability to multi-task and prioritize
  • Ability to work across functional boundaries internally
  • Ability to view issues and concerns from multiple perspectives, and to keep the “Big Picture” in focus
  • Tenacity at uncovering and addressing operational issues and potential audit defects
  • Ability to work in a start-up and fast paced environment a must

Education/Experience

  • Professional IT security certifications
  • Demonstrated leadership and project management skills
  • Prior audit experience
  • College Degree

Travel

  • National and International travel required (25%)

EdgeConneX believes diversity – of thought, backgrounds and experiences – affects all that we do, from our employees to the solutions we deliver. Our goal is to create an environment in which inclusion through diversity helps deepen the lives and work experience of our employees, enhances our innovation and creativity, and enriches our involvement in our communities. EdgeConneX is an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin or ancestry, physical or mental disability, as well as any other category protected by applicable federal, state, or local laws.

 

Apply Now

Apply Now

EdgeConnex is subject to certain governmental recordkeeping and reporting requirements for the administration of civil rights laws and regulations. In an effort to comply with these laws, we are inviting you to answer the following questions. Submission of this information is voluntary. Your resume will be given the same consideration whether you answer the following questions or not. The information obtained will be kept confidential and may only be used in accordance with the provisions of applicable laws, executive orders, and regulations, including those that require the information to be summarized and reported to the federal government for civil rights enforcement. When reported, data will not identify any specific individual.