Human Resources

  • Cyber Security and Compliance Manager

    Posted Date 7 months ago (11/5/2018 4:12 PM)
    Job ID
    # of Openings
    Information Technology
    ARCO Business Services
    Job Location
    US-MO-St. Louis

    Have you wanted to play a vital role in building the cyber security program and ultimately own responsibility in leading the program in collaboration with the businesses, IT and 3rd party vendor partnerships? Do you have an advanced knowledge of Information Security principles and practices to drive the security of ARCO to be best in class? Do you act with integrity and hold yourself to the highest standards? If the answer is, “Yes!” then we have an exciting, long-term opportunity for you. Who are we? We are ARCO, The Design/Build Experts.


    We are looking for a strong leader to step in as our Cyber Security and Compliance Manager in our corporate headquarters in St. Louis. You’ll be responsible for developing and delivering solutions that protect systems, applications and data through defined policies, practices and tools in our growing organization.


    We are dedicated to the well-being of our associates and are proud to be consistently recognized as a Best Place to Work. Our compensation and benefits package not only supports our associates and their families but benefits local communities and communities around the world.


    • Industry-leading performance-based bonus program
    • Generously funded profit sharing
    • Traditional and Roth 401k
    • Tuition reimbursement for associates
    • Scholarship for associates’ children up to $28,000 per child
    • 1-month paid sabbatical after every five years of employment, plus $5,000 for travel
    • 1-week paid volunteer leave each year
    • 100% charitable match
    • Medical, dental, and vision insurance coverage
    • 100% paid 10-week maternity leave


    At ARCO, our first core value is to treat people fairly and do the right thing. We are proud to be an equal opportunity employer, and all qualified applicants will receive consideration for employment.


    • Lead the implementation of security initiatives and systems via well-defined plans including procedures, deadlines, and accountability.
    • Works with the members of the IT team on the architecture of IT applications and infrastructure assuring that security is maximized.
    • Develop, implement and maintain a Physical Security Program and Cyber Security Policies
    • Translate Information Security knowledge into actionable plans to protect enterprise assets
    • Provides the support, administration, and maintenance necessary to ensure effective and efficient information security
    • Responds to security incidents in a timely manner
    • Develop, maintain and exercise a security incident response plan
    • Performs administration of firewalls, intrusion detection and prevention systems, and SIEM solutions such as Splunk or LogRhythm.
    • Develop and educate the IT organization in information security standards and best practices for common web applications and infrastructure.
    • Manage vulnerability responses by performing analysis, determining enterprise scope, impact and remediation of identified ad hoc vulnerabilities.
    • Stay up to date with various security vendors to support threat and vulnerability management across web, mobile and other infrastructure systems.
    • Responsible for developing, managing and periodically reporting security metrics to accurately track the current state of defenses, protections and performance
    • Provide recommendations and implement innovative solutions, modifications and enhancements to security training and awareness programs.
    • Develops and manages an information security operations center (ISOC), monitoring, assessing and defending the enterprise information systems, including websites, applications, databases, data centers, servers, networks, desktops and other endpoints.
    • Manages daily technical operations of the information security team.
    • Designs internal security testing methodologies and oversees their execution; conducts vulnerability testing and remediation on software, architecture and vendors.
    • Interact with senior management levels, which involves negotiating or influencing on significant matters
    • Ensure that effective tools and processes are in place to protect assets from the evolving threat landscape
    • Work with Infrastructure and Desktop support personnel to configure and deploy tools
    • Build procedures to administer the tools and monitor outputs
    • Stay abreast of new threats and continuously evaluate current processes and tool sets
    • Commit to continuous learning and networking with the larger cyber security community
    • Design processes and procedures to enable information technology personnel to conform with the compliance framework
    • Work with leaders outside of IT to design processes and procedures for operational business units’ compliance.
    • Be accountable for periodic testing and auditing of compliance


    • At least 5 years of demonstrated experience in some of the enterprise security functions, such as Security Compliance framework, Identity & Access Management, Cloud Security, Vulnerability Management, Firewalls, Antivirus, Penetration testing and other related functions
    • Strong knowledge of information systems security components and best practices including: firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques and practices
    • Knowledge of industry standard best practices with regard to security
    • Working knowledge of Microsoft Active Directory, Microsoft Windows Operating Systems and Microsoft Exchange, Microsoft Azure, Office 365, Cisco Meraki

    Preferred Certifications:

    • CISA: Certified Information Security Auditor
    • CRISC: Certified in Risk and Information Systems Control
    • CISSP: Certified Information Systems Security Professional
    • CISM: Certified Information Systems Manager


    We are one of the fastest-growing, privately owned companies in America, completing over 4,000 design/build projects across 48 states. We ranked #15 out of the top 100 design/build companies in the U.S. and #49 on the ENR Top 400 Contractors list of 2018. Most importantly, our clients like us, they trust us and want to do business with us. We are looking for people with the same enthusiasm, passion, and respect for hard work that brought us to where we are today. Are you a person that can make a difference at ARCO? If the answer is, “Yes!” we look forward to meeting you.


    ARCO does not accept unsolicited resumes from individual recruiters or third party recruiting agencies without pre-approval from ARCO’s Human Resource team. Pre-approval is required before any external candidate can be submitted. ARCO will not be responsible for fees related to unsolicited resumes and for candidates who are sent directly to our hiring managers.

