OneMain Financial Jobs

Title Information System Security Manager (ISSM) Req Number INF-26-00006 Requisition Category Full-Time/Part-Time -unspecified- Location Remote, USA Description Pay Rate: The annual base salary range for this position $115,000-$135,000. Please note that the salary information is a general guideline only. At Sawdey Solution Services, we recognize that attracting the best talent is key to our strategy and success as a company. We will consider several factors when extending an offer to an applicant. These factors include (but are not limited to) the position, associated responsibilities, work experience, education, related training, and related skills. Position Location: Remote, USA Telework/Work-from-Home Authorized: Yes About the Role: This position falls under the umbrella of Sawdey's Managed Services Division (MSD). Sawdey MSD is a full-service Managed Service Provider (MSP)/Managed Security Service Provider (MSSP) providing IT and/or cybersecurity services to a variety of different clients (defense/government contractors, municipalities, non-profits, commercial organizations, etc.). The Information Security Manager will plan, design, implement, and maintain client cybersecurity programs that meet all requirements of the CIA triad: Confidentiality, Integrity, and Availability. This position requires someone who works with minimal supervision. It is essential for this team member to deliver outstanding client service, expert problem solving, communicate effectively, and contribute positively to the Team. Additional responsibilities include, but are not limited to: Support MSD work/contracts inclusive of risk analysis, project management, strategic planning, incident response, asset management, and overall client management. Lead and guide clients in developing and maintaining a comprehensive cybersecurity strategy aligned with regulatory standards (e.g., CMMC, NIST 800-171, ISO 270001, etc.). Create, establish, and maintain extensive information security standards, policies, and procedures. Support all aspects of Sawdey clients' CMMC efforts to include providing CMMC advisory services and ongoing cybersecurity programmatic maintenance activities. Generate daily, weekly, and monthly compliance reports and review such reports for anomalies or issues. ? Develop implementation plans that meet project goals and security requirements. Serve on Sawdey MSD clients' Change Approval Boards and Risk Management Boards. Conduct thorough risk assessments to identify and remediate vulnerabilities, threats, and potential impacts on client operations. Review security logs to identify risks, security threats, and configuration errors. Lead clients' security and compliance-related inquiries (e.g., insurance/cybersecurity questionnaires, risk assessments, incident response, CMMC assessments, etc.). Lead client's Incident Response (IR) activities and provide ongoing IR training. Leverage Artificial Intelligence (AI) to streamline processes and produce better outcomes for clients. Serve as respective clients' main or secondary POC and lead teams to complete project tasks as efficiently, securely, and timely, as possible. Translate cybersecurity jargon into non-technical language to assist executive teams in understanding risks and requirements associated with their cybersecurity. May assist in hiring, onboarding, and training new IT resources in support of Sawdey MSD. Work across departments/clients providing IT expertise for defining project requirements, proposals, cybersecurity program documentation, licensing support, etc. Stay current on new industry specific technologies as it relates to the position. Communicate and collaborate with clients and colleagues in a professional, respectful