Manager, Security Standards and Compliance

Join to apply for the Manager, Security Standards and Compliance role at Crown Castle

Continue with Google Continue with Google

3 days ago Be among the first 25 applicants

Join to apply for the Manager, Security Standards and Compliance role at Crown Castle

Position Title: Manager, Security Standards and Compliance (P4)

Company Summary

Crown Castle is the nation’s largest provider of shared communications infrastructure: towers, small cells and fiber. It all works together to meet unprecedented demand—connecting people and communities and transforming the way we do business. Whenever you make a call, track a workout or stream music and videos, we’re the ones providing the communications infrastructure that makes it all possible. From 5G and the internet of things to drones, autonomous vehicles and AR/VR, we enable the technologies that help people stay safe, connected and ready for the future. Crown Castle is publicly traded on the New York Stock Exchange (CCI), is part of the S&P 500 and is one of the largest Real Estate Investment Trusts in the US.

We offer a total benefits package and professional growth development for teammates in any stage of their career. Along with caring for our teammates, we’re an active member in the communities where we live, work and do business. We have a responsibility to give back, which we do through our Connected by Good program. Giving back allows us to improve public spaces where people connect, promote public safety and advance access to education and technology.

Position Summary

The Manager, Security Standards and Compliance role serves as the security governance, risk, and compliance manager responsible for defining, implementing and leading a GRC function on the Enterprise Security team. This position will create the security risk and vulnerability strategy and provide cyber governance and risk management oversight; establishing and managing the security policy framework and relevant standards; overseeing applicable security, privacy, contractual and compliance requirements (i.e. SOC2, MRC, ISO27001, GDPR, CCPA, NIST, DPAs and state/local privacy laws) through strategy development, controls definition and assessment and process oversight.

Essential Job Functions

• Directly responsible for policies, procedures and controls to assure compliance with applicable regulatory, legal and audit requirements as well as good business practices
• Develop and manage an information security risk and vulnerability management program including development, evaluation, and adherence to multiple areas of practice
• Develop a risk strategy that identifies and classifies risks, defines appropriate tolerances, prioritizes mitigation activities, and measures risk levels using the NIST CSF Framework
• Establish and oversee formal risk analysis and self-assessments program for various information services, systems, processes and recognized industry standards
• Identify, assess, manage, and track remediation of risks related to Digital Transformation / IT infrastructure, applications, platforms and suppliers and drive explicit requirements and timelines in all environments
• Develop strong relationships with Crown Castle technology teams as well as Crown Castle business owners and key stakeholders to ensure risk management oversight is understood, managed appropriately and current with all standards, guidelines, and regulations that are applicable
• Liaise with all departments to identify, track and provide remediation guidance for new Digital Transformation and Crown Castle Fiber Engineering projects, services and/or third-party contracts in terms of information security assurance
• Oversee highest risk initiatives and serve as a point of escalation for remediation/mitigation efforts
• Develop security compliance strategy and approach and ensure compliance with MRC, SOC2, ISO27001, CCPA, GDPR, local privacy laws, contractual requirements and globally-recognized standards and guidelines
• Establish and oversee formal vulnerability management, penetration testing and security posture assessment programs
• Identify regulatory, legislative, and industry specific compliance requirements and define controls that can be used to meet those requirements
• Oversee third party assessment standards and privileged user monitoring as a check on critical system access
• Attend training seminars, conferences, and trade shows to broaden knowledge of current and future IT Security Operations issues and technologies.
• Participate in 24x7 Enterprise Security Incident Response team.
  
  

Education/Certifications

• Bachelor’s degree in IT, Management, or Leadership related field
  
  

Experience/Minimum Requirements

• Five (5) plus years of Cyber Security management work
• Ten (10) plus years of Cyber Security experience
• CISSP preferred
• Strong knowledge of industry frameworks, such as ISO and NIST
  
  

Other Skills/Abilities

• Demonstrated progressive experience in the management of a technical support team
• Proven track record of developing and providing Corporate Security Service Level Agreements
• Solid relationship management and performance management skills
• Ability to motivate and direct staff members and subordinates
• Strong understanding of the organization’s goals and objectives
• Exceptional written and oral communication skills
• Exceptional interpersonal skills, with a focus on listening and questioning skills
• Strong documentation skills
• Ability to conduct research into a wide range of computing issues as required
• Ability to present ideas in user-friendly language to non-technical staff and end users
• Keen attention to detail
• Ability to effectively prioritize and execute tasks in a high-pressure environment
• Exceptional customer service orientation
• Experience working in a team-oriented, collaborative environment
  
  

Working Conditions: This is a remote role with the expectation of on-site/in-person collaboration with teammates and stakeholders for moments that matter.

Compensation: The pay range offered for this position is $118,800 - $163,300 annually. A candidate’s offer is determined by various factors including but not limited to, depth of experience, role-related knowledge and skills, relevant education or training, internal alignment, and work location. Depending on the position offered, the compensation package may also include incentive compensation opportunities in the form of a discretionary annual cash bonus or commissions, and equity incentives. Employees (and their families) are eligible for medical, dental, vision, and basic life insurance. Employees are able to enroll in our company’s 401k plan. Employees will also receive a minimum of 18 days of paid time off each year and 12 paid holidays throughout the calendar year.

If you are interested in joining our team, please visit the Crown Castle careers site (crowncastle.com/careers) to apply. We do not accept resumes from agencies, headhunters, or other third-party suppliers who have not signed a formal agreement with us. This position will remain posted until filled.

Organizational Relationship

Reportsto: CISO

Title(s) of direct reports (if applicable): Analysts (2)

• Seniority level
  Mid-Senior level

• Employment type
  Full-time

• Job function
  Other, Information Technology, and Management
• Industries
  Telecommunications and Wireless Services

Referrals increase your chances of interviewing at Crown Castle by 2x

Continue with Google Continue with Google

Continue with Google Continue with Google

Washington, DC $50,000 - $100,000 4 months ago

District of Columbia, United States 2 weeks ago

District of Columbia, United States 2 months ago

District of Columbia, United States 3 months ago

Washington, DC
$75,000.00
-
$80,000.00
1 month ago

Fort Meade, MD
$175,000.00
-
$215,000.00
8 months ago

Washington DC-Baltimore Area 11 hours ago

Washington, DC
$170,000.00
-
$190,000.00
2 weeks ago

Germantown, MD
$170,000.00
-
$190,000.00
2 weeks ago

Washington, DC
$119,850.00
-
$162,150.00
6 hours ago

Silver Spring, MD
$25.64
-
$36.95
1 week ago

Washington, DC
$139,000.00
-
$157,000.00
2 weeks ago

Annapolis Junction, MD $129,300 - $193,900 1 week ago

Washington, DC $177,000 - $251,000 1 week ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.