Information Security Manager
Company: NVR, Inc.
Posted on: June 12, 2021
NVR has been helping families build their happily ever after
since 1948. As a Top 5 US homebuilder, we're committed to quality
and to our customers and we take pride in the nearly 500,000 new
homes we have sold and built across the country. Working in the
homebuilding industry is tangible and rewarding, but not every job
at NVR requires a hard hat. We don't just sell and build new homes;
we also manage teams, acquire land, manufacture materials, provide
mortgages to our customers, and provide corporate support to NVR's
multi-billion dollar business operations.
At NVR, the Information Security Manager (ISM) is a critical
member of the Chief Information Security Officer's (CISO's) team.
In this role, you will act as an interface between the CISO's
strategic and process-based activities and the work of the
technology-focused analysts, engineers, and administrators in the
IT organization. You'll serve the critical role of translating the
IT-risk requirements and constraints of the business into technical
control requirements and specifications, as well as developing
metrics for ongoing performance measurement and reporting. You will
coordinate the IT organization's technical activities to implement
and manage security infrastructure, and to provide regular status
and service-level reports to management.
This leadership role requires an individual with a strong
technical background, as well as an ability to work with the IT
organization and business management to align priorities and plans
with key business objectives. You will act as an empowered
representative of the CISO during IT architectural review and other
governance processes to ensure that security measures are
incorporated and that service expectations are clearly defined. The
ISM is also responsible for working with business and IT
stakeholders to balance real-world risks with business drivers such
as speed, agility, flexibility, and performance.
- Manage the day-to-day activities of threat and vulnerability
management, identify risk tolerances, recommend treatment plans and
communicate information about risk mitigation.
- Manage security related production issues and incidents, and
participate in the IT change management board.
- Manage a staff of information security professionals. Hire and
train new staff, conducting performance coaching and developing
personal development programs for team members.
- Coordinate responses to third parties' security evaluations and
Security Architecture and Design
- Work with the enterprise architecture team to ensure that
security requirements are properly incorporated into new IT
solutions and design changes to existing systems.
- Provide expert guidance on security matters for other IT
projects, as needed.
- Research, and recommend new or updated information security
solutions, analyzing impacts to the existing environment.
Security Engineering and Compliance
- Recommend and coordinate the implementation of technical
controls to support and enforce defined security policies.
- Provide technical and managerial expertise for the
administration of security tools.
- Maintain up-to-date documentation on the compliance with
security frameworks and including identified gaps and residual
- Propose changes to existing policies and procedures to ensure
operating efficiency and regulatory compliance.
- Manage implementation of any information security-led
- 7+ years of IT experience, serving at least 5 years in an
information security role and 2+ years in a supervisory
- A bachelor's degree in information systems or equivalent work
- Security-related industry certifications (e.g., CISA, CISSP,
- Strong leadership skills and demonstrated ability to work
effectively with business leaders, IT management teams, and IT
- Excellent verbal, written and interpersonal communication
- Experience developing and maintaining policies, procedures,
standards and guidelines.
- Experience with common information security management
frameworks, such as CIS Top 20 controls and Cybersecurity
- Proficiency performing risk, business impact, control and
vulnerability assessments, defining treatment strategies, and
- Knowledge of and experience in developing, documenting and
reviewing security architecture and plans, including strategic,
technical and project plans.
- Strong analytical skills to analyze security requirements and
relate them to appropriate security controls.
- A strong understanding of Cloud security, operating system
internals, and network protocols.
- M.S. in Information Security.
- Familiarity with security assessments, incident response
activities and working in environments subject to regulations
(e.g., SOX, Data Privacy) and audit oversight.
- Experience in application technology security controls and
testing (white box, black box and code review).
- Experience in system technology security testing (vulnerability
scanning and penetration testing).
Life at NVR
At NVR, your desire to excel is matched by our commitment to
your success and we'll give you the tools and industry knowledge
you need. Our management team is tenured and talented, nearly 80%
of them promoted from within, so you'll find mentors who can share
their knowledge, provide career guidance and encourage your
NVR also offers benefits among the best in the industry that
reflect the strong commitment we have to all of our employees.
- Competitive Compensation
- Home Purchase Discount
- Mortgage and Settlement Services Discounts
- Comprehensive Health, Life and Disability Insurance
- 401(k) (Full-time employees are eligible to contribute
- Employee Stock Ownership Program
- Vacation and Holidays
In addition to the traditional benefits, we offer all our
employees stock ownership through a profit sharing trust as part of
our retirement savings package. NVR has had the highest Earnings
Per Share growth rate in the homebuilding industry for the past 10
years, so as we grow financially, so do you.
We are an Equal Opportunity Employer.
Drug Testing and Credit Check are required.
Applicants must be legally entitled to work in the United
States, as NVR does not provide visa sponsorships.
Keywords: NVR, Inc., Reston , Information Security Manager, Other , Reston, Virginia
Didn't find what you're looking for? Search again!