Essay Undergraduate 1,519 words

Job Advertisement for a Security Manager Cincom

Last reviewed: August 7, 2013 ~8 min read

Abstract

The role of the security manager is today a very multifaceted one. This analysis provides insights into how they can be made more effective over time by concentrating on TI tasks as well. All of these factors taken together are critical for the securing of an enterprise.

Job Advertisement for a Security Manager

Cincom Systems is a leading provider of Enterprise Resource Planning (ERP), Manufacturing Execution Systems (MES), Supply Chain Management (SCM) and Enterprise Quality Management and Compliance (ECQM) systems and platforms for aerospace and defense manufacturers globally. The continued investment in advanced surveillance technologies by the U.S. And foreign governments has led to continued rapid growth for Cincom, as more aerospace and defense manufacturers rely on their software than any other software provider globally. More Unmanned Aerial Vehicles (UAV)s are manufactured using Cincom's software than any other enterprise software company serving the aerospace and defense industry today.

Cincom's profitable growth is leading to expansion of manufacturing facilities globally and the need for an Enterprise Security Manager to ensure secure, safe operation of its development center in San Diego, California. A DOD-complaint facility, the San Diego Research and Development Center is world-known for its advanced research into manufacturing systems supporting UAVs, advanced weaponry and situational awareness systems. The Enterprise Security Manager's role is a strategic one, directly linked to each program in development and requiring clearance by Depart of Defense (DoD) standards. Cincom abides by the precepts of having enterprise security management be a central part of the strategic plan of manufacturing, inclusive of information systems, site security and advanced threat detection and risk mitigation (Straub, 1988). The Enterprise Security Manager will regularly interact with senior management across all programs and define benchmarks for risk mitigation through the use of balanced scorecards, specific key performance indicators (KPIs) and dashboards all aligned to Cincom's strategic direction (Gordon, Loeb, Tseng, 2009). Due to these unique requirements, the Enterprise Security Manager must have the ability to manage subordinates effectively while leading a staff of ten, while also ensuring the enterprise security function of the San Diego Research & Development facility stays above compliance standards as defined by the United States Department of Defense and additional western nations who are Cincom's customers. Combining strategic vision and the ability to execute tactically with precision and urgency is a best practice of enterprise security managers in high-growth organizations today (Forte, 2009).

Roles And Responsibilities

The Enterprise Security Manager will be expected to excel on the following dimensions of their role as part of the Cincom R&D Senior Management Team:

Managing and Leading

To plan, organize, lead and control each aspect of the strategic security management plan, including the defining of specific dashboards and scorecards to track performance against plan.

Managing variation to plan through a variety of security management techniques and programs, including Six Sigma analysis of workflows and the use of Business process Re-engineering (BPR) to critical workflows for R&D center security. The reliance on BPM and BPR techniques for continually ensuring conformity and compliance to requirements is critical for long-term growth of the center and its continual secured performance (Booker, 2006).

Expected to use situational leadership skills to selectively apply planning, organizing, leading and controlling aspects of their skills sets as leaders to specific decisions related to R&D Center security and stability.

Defining performance programs and objectives for each of the ten subordinates in the department, including stretch objectives and a continual focus on excellence across the department.

Inclusion of 360-degree feedback systems and processes to ensure that each employee is viewed from their most accurate assessment of their performance level.

Continual focus on education and knowledge transfer within the department and with other departments is essential, as the Enterprise Security Manager will be given the responsibility for managing the system of record for all external interactions with the center. Knowledge management and transfer is essential for the successful development and growth of any security organization (Baxter, 2012).

To define and implement a budget review process that seeks to balance the needs of the R&D center for continual monitoring and risk mitigation while ensuring security continues to be a strategic asset. The budget will be directly linked to the corporate strategic plan and the Enterprise Security Manager will report quarterly to senior management on performance against budget and results attained.

To participate and contribute to strategic planning meetings at the divisional and corporate level, ensuring security at the R&D Center is continually taken into account in the global security and risk management strategies of the firm. The Enterprise Security Manager will champion the integration of security and risk management into the overall Cincom strategic plan, ensuring consistency and no lapse or oversight in strategic focus. The highest performing organizations ensure that security and risk management are tightly integrated into the strategic plan overall, ensuring consistently and clarity of role and support for security as a strategic priority (Atkinson, 2005). Candidates who have previous experience championing the integration of security and risk management into the strategic planning process are preferred.

Budget

Coordinate and collaborate with the Cincom Chief Financial Officer (CFO), General Manager of the San Diego Facility, and the senior management staff to ensure budgeting is sufficient to ensure security and risk management at the physical plant and IT levels of the center.

Manage the budget and spending levels for security and risk management initiatives and programs at the Cincom R&D Center, reporting quarterly to senior management on performance against plan and results attained.

Develop Return on Investment (ROI) analysis for each capital expenditure related to security and risk management. This includes collaborating with the Chief Information Officer (CIO) to ensure that capital expenses (CAPEX) are budgeted correctly and a clear ROI case is defined prior to the investment.

Information Technologies Security

Leads a team of five security engineers who are members of the security department staff, providing them with leadership and direction in the areas of threat assessment analysis, preventative security system strategies and techniques, and IT network architecture definition.

Extensive experience enterprise risk assessment and distributed security management architecture development and definition. A the Cincom R&D center has secured gateways to many nations; defense ministries and departments of defense, it is critical for the Enterprise Security Manager to have a thorough understanding and mastery of distributed security management architectures (Priggouris, Hadjiefthymiades, 2006).

Security Breaches/Investigation

Define and continually improve breach prediction scenarios using Cincom's rules and constraint-based technology that can factor in multiple events to determine threat probability. The Enterprise Security Manager will be expected to lead a team that will use artificial intelligence to predict security breaches from an IT level using these technologies, leading a group of security engineers in this task.

You’re 80% through this paper. Sign up to read the full paper.

130,000+ paper examples AI writing assistant Citation generator Cancel anytime

References

10 sources cited in this paper

Atkinson, W. 2005, "Integrating Risk Management & Security", Risk Management, vol. 52, no. 10, pp. 32-34, 36-37.
Baxter, H.C. 2012, "Don't Be Left Behind: Improving Knowledge Transfer", Public Manager, vol. 41, no. 3, pp. 39-43.
Booker, R. 2006, "Re-engineering enterprise security", Computers & Security, vol. 25, no. 1, pp. 13-17.
Fay, J. 2005, Security's Role in Enterprise Risk Management, Cygnus Business Media, Inc, Park Ridge.
Forte, D.V. 2009, "The role of the Information Security Manager in cutting-edge companies", Network Security, vol. 2009, no. 8, pp. 4-5.
Gordon, L.A., Loeb, M.P. & Tseng, C. 2009, "Enterprise risk management and firm performance: A contingency perspective", Journal of Accounting and Public Policy, vol. 28, no. 4, pp. 301.
Priggouris, I. & Hadjiefthymiades, S. 2006, "A distributable security management architecture for enterprise systems spanning multiple security domains", Electronic Commerce Research, vol. 6, no. 3-4, pp. 355.
Spaeth, M. 2002, "Expanding your job description", Risk Management, vol. 49, no. 10, pp. 56.
Straub, Detmar W. Jr 1988, "Organizational Structuring of the Computer Security Function", Computers & Security, vol. 7, no. 2, pp. 185.
Wylder, J.O.D. 1992, "The Life Cycle of Security Managers: New Responsibilities for a Distributed Environment", Information Systems Management, vol. 9, no. 1, pp. 62.

Atkinson, W. 2005, "Integrating Risk Management & Security", Risk Management, vol. 52, no. 10, pp. 32-34, 36-37.
Baxter, H.C. 2012, "Don't Be Left Behind: Improving Knowledge Transfer", Public Manager, vol. 41, no. 3, pp. 39-43.
Booker, R. 2006, "Re-engineering enterprise security", Computers & Security, vol. 25, no. 1, pp. 13-17.
Fay, J. 2005, Security's Role in Enterprise Risk Management, Cygnus Business Media, Inc, Park Ridge.
Forte, D.V. 2009, "The role of the Information Security Manager in cutting-edge companies", Network Security, vol. 2009, no. 8, pp. 4-5.
Gordon, L.A., Loeb, M.P. & Tseng, C. 2009, "Enterprise risk management and firm performance: A contingency perspective", Journal of Accounting and Public Policy, vol. 28, no. 4, pp. 301.
Priggouris, I. & Hadjiefthymiades, S. 2006, "A distributable security management architecture for enterprise systems spanning multiple security domains", Electronic Commerce Research, vol. 6, no. 3-4, pp. 355.
Spaeth, M. 2002, "Expanding your job description", Risk Management, vol. 49, no. 10, pp. 56.
Straub, Detmar W. Jr 1988, "Organizational Structuring of the Computer Security Function", Computers & Security, vol. 7, no. 2, pp. 185.
Wylder, J.O.D. 1992, "The Life Cycle of Security Managers: New Responsibilities for a Distributed Environment", Information Systems Management, vol. 9, no. 1, pp. 62.

Atkinson, W. 2005, "Integrating Risk Management & Security", Risk Management, vol. 52, no. 10, pp. 32-34, 36-37.
Baxter, H.C. 2012, "Don't Be Left Behind: Improving Knowledge Transfer", Public Manager, vol. 41, no. 3, pp. 39-43.
Booker, R. 2006, "Re-engineering enterprise security", Computers & Security, vol. 25, no. 1, pp. 13-17.
Fay, J. 2005, Security's Role in Enterprise Risk Management, Cygnus Business Media, Inc, Park Ridge.
Forte, D.V. 2009, "The role of the Information Security Manager in cutting-edge companies", Network Security, vol. 2009, no. 8, pp. 4-5.
Gordon, L.A., Loeb, M.P. & Tseng, C. 2009, "Enterprise risk management and firm performance: A contingency perspective", Journal of Accounting and Public Policy, vol. 28, no. 4, pp. 301.
Priggouris, I. & Hadjiefthymiades, S. 2006, "A distributable security management architecture for enterprise systems spanning multiple security domains", Electronic Commerce Research, vol. 6, no. 3-4, pp. 355.
Spaeth, M. 2002, "Expanding your job description", Risk Management, vol. 49, no. 10, pp. 56.
Straub, Detmar W. Jr 1988, "Organizational Structuring of the Computer Security Function", Computers & Security, vol. 7, no. 2, pp. 185.
Wylder, J.O.D. 1992, "The Life Cycle of Security Managers: New Responsibilities for a Distributed Environment", Information Systems Management, vol. 9, no. 1, pp. 62.