• IT Security Manager

    Job Locations US-PA-Philadelphia
    Job ID
    # of Openings
    Information Technology
  • Overview


    PFM is a national leader in providing independent financial advice as well as investment advisory, management and consulting services to local, state, and regional government and non-profit clients. We are proud to help our clients meet their financial challenges with a broad array of products, backed by unquestioned professionalism and outstanding service.

    PFM is currently seeking a highly effective IT Security Manager to become a key member of Information Technology team. The ideal candidate will provide operational leadership for the PFM’s Information Security team and actively participate in defining tactical and operational objectives in order to fulfill the strategic direction set by the Chief Information Officer (CIO). The IT Security Manager will lead a small team that is responsible for overseeing the day-to-day operations and effectiveness of PFM’s enterprise Information Security Program. He or she will be responsible for implementing technical and procedural controls that align with industry standards, while striking the appropriate balance between protecting the environment against cyber risks and supporting PFM’s ongoing business needs.  The position will consist of a combination of responsibilities associated with defining and implementing security strategies, executing routine operational processes, implementing/managing a robust security toolset, and leading a team that will facilitate a strong cybersecurity posture.  The position will report to the Chief Information Officer.


    Major Responsibilities:

    • Oversee and manage PFM’s IT Information Security program and staff, while executing against an agreed upon enterprise program roadmap.
    • Work with business/operations teams to establish and communicate policies and procedures designed to eliminate cyber security risk.
    • Work with business and technical teams to ensure compliance with enterprise security standards.
    • Perform routine operational reviews to ensure adherence to cybersecurity policies.
    • Coordinate annual independent third-party security assessments and penetration tests.
    • Oversee partnerships with third-party security vendors (e.g. Managed Service Provider)
    • Oversee network monitoring, cybersecurity data collection and analysis (e.g. intrusion attempts, spam statistics, data loss protection statistics, etc.), and investigate violations when they occur.
    • Lead the development, testing, and execution of incident response plans.
    • Stay abreast of latest cybersecurity threats (e.g. malware, phishing attacks, etc.), best practices and recommend solutions to proactively manage risks.
    • Develop and deliver employee security awareness training and other communications designed to keep employees informed about cybersecurity threats/risk and internal policies.
    • Coordinate responses to internal and external audits and other security related inquiries.
    • Create and distribute monthly security related activity reports.
    • Coordinate meetings and presentations to IT Security Governance Committee, senior management, and internal and external clients as needed.


    Required Skills/Qualifications:

    • Bachelor’s degree (BA/BS) in Computer Science, MIS, and Business/Finance or a related field and equivalent work experience.
    • At least 4 years working in IT Security; minimum 3 years management experience; 7-10 years overall IT experience.
    • Strong knowledge of leading cyber security tools and platforms.
    • Subject matter knowledge in the Information Security space, incorporating both technical and process/operational elements.
    • Strong quantitative, analytical, and writing skills.
    • Excellent communication and interpersonal skills.
    • Ability to handle multiple tasks simultaneously and work under pressure.
    • Strong sense of personal responsibility.
    • A professional and ethical approach with a strong desire to succeed.

    Preferred Skills:

    • Professional Qualification such as CEH, CISSP, CISA, CISM an advantage but not essential.
    • Current, relevant experience of working in an Information Technology Infrastructure and/or Security Operations function.
    • Familiarity with the software development life cycle.
    • Familiarity with networking concepts and architecture.

    PFM offers a competitive base salary, bonus / incentive eligibility, comprehensive benefits package, profit sharing and 401K plan eligibility.


    PFM is an Equal Opportunity Employer (M/F/D/V) and maintains a drug-free workplace. 


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed