Job Information
Modern Technology Solutions, Inc. Information Systems Security Manager (ISSM) in Dayton, Ohio
As an Information Systems Security Manager with MTSI you will be responsible for the security posture of assigned information systems, ensuring compliance with relevant security policies, procedures, and regulations. You will work closely with system administrators, developers, network engineers, and other stakeholders to implement, maintain, and monitor security controls, and to ensure the confidentiality, integrity, and availability of organizational data and systems. This position will be located at Wright-Patterson AFB.

You'll be a great fit for this role if: (SOFT SKILLS)
* You have a deep understanding of cybersecurity principles, risk management methodologies, and technical security controls.
* Paying attention to detail and providing excellent customer service in a professional environment is a skill you excel at.
* You are passionate about continuous learning and growth, and you seek opportunities to challenge yourself.
* You are driven to make a meaningful impact through your work.

Responsibilities:
Duties to be independently executed include but are not limited to:
* Create, implement, and maintain system-specific security policies, standards, and procedures, ensuring they align with organizational and regulatory requirements (e.g., NIST, ISO, HIPAA, PCI DSS) and are effectively communicated and enforced.
* Conduct regular risk assessments and vulnerability scans to identify security vulnerabilities and potential threats to systems, developing and implementing effective mitigation strategies and tracking remediation efforts.
* Implement and maintain a comprehensive suite of security controls, including access controls, intrusion detection systems, firewalls, anti-malware software, and data loss prevention (DLP) solutions, ensuring optimal configuration and adherence to best practices.
* Participate actively in security incident response activities, including thorough investigation, containment, eradication, and recovery, documenting incidents meticulously and extracting valuable lessons learned to improve future responses.
* Develop and deliver engaging security awareness training programs for users and system administrators, fostering a culture of security awareness throughout the organization.
* Ensure continuous compliance with relevant security regulations and standards (e.g., NIST, ISO, HIPAA, PCI DSS), preparing for and participating in security audits and assessments, and maintaining comprehensive documentation to support compliance efforts.
* Collaborate closely with system administrators, developers, network engineers, and other stakeholders to seamlessly integrate security into all phases of system design, development, and operation.
* Serve as a trusted security advisor to project teams and business units, proactively communicating security risks and providing well-informed recommendations to management.
* Stay abreast of the latest security threats, vulnerabilities, and cutting-edge technologies, recommending and implementing ongoing improvements to security policies, procedures, and controls, and participating in industry security forums.
* Maintain accurate and up-to-date documentation of security configurations, policies, procedures, and incident responses, developing and maintaining system security plans (SSPs) and other essential security-related documentation.

Qualifications
Required:
* 8+ years experience in information security, with at least 3 years of experience as an ISSM or in a similar role.
* Strong understanding of cybersecurity principles, risk management methodologies, and security controls.
* Experience with security assessment tools, such as vulnerability scanners and penetration testing tools.
* Experience with security technologies, such as firewalls, intrusion detection systems, anti-malware software, and data loss prevention (DLP) solutions.
* Knowledge of operating systems (Windows, Linux), networking protocols, and cloud computing