Senior Manager, Information Security

About the Role: 

The Senior Manager, Information Security is a hands-on position reporting to the VP of Information Security, working with VPs and Executives. 

What You’ll Do: 

• Overseeing key areas of the Information Security Program including security incident response, vulnerability management, data protection, and risk management
• Establishing and coordinating remediation and mitigation for identified security risks
• Providing subject matter expertise in information security and identifying key security program elements
• Maintaining security policies, standards, guidelines, processes and procedures to ensure ongoing protection of information assets
• Ensuring technical security controls and technology are maintained and resourced appropriately
• Developing strategies and security initiatives to assess and improve physical, technical, and administrative safeguards and/or controls
• Familiar with cloud Security architectures in AWS
• Implement and maintain Security controls that support NIST, SOC2, SOX & PCI frameworks
• Delivering strategic and tactical Security guidance for IT and Engineering initiatives
• Incorporating Security checks processes into existing and new systems
• Designing and implementing network-based and host-based Security tools
• Critiquing Security designs as part of architectural design reviews
• Respond to incidents or emergencies as they arise, ensuring proper communication and actions are taken, recommend mitigation strategies, and see through to resolution
• Deep understanding of IAM Security, Endpoint Protection, Vulnerability Management and Email Security program management strategy and governance to ensure alignment with standards and zero trust principles
• Possess a strong ability to influence and engage effectively with stakeholders across different functions, demonstrating skill and the talent to Information Security goals across the organization

What We’re Looking For: 

• At least 5+ years of multifaceted security management experience in a pre-IPO and publicly held company environment 
• Focused personality, with a demonstrated ability to take initiative, successfully handle and prioritize multiple competing assignments and effectively manage deadlines
• Demonstrated experience applying security and risk frameworks, and regulations such as NIST CSF/800-53, AICPA SOC criterias, ISO 27001, CIS, OWASP, CSA, etc.
• Proven self-starter, requiring little supervision to take initiative and execute above responsibilities
• Experience in Zero Trust Architecture, Mobile Device Management (MDM) , Endpoint detection and Response (EDR), AWS security controls, data security, risk management, security readiness backed with AI, OKTA Identity Access Management, Security Information and Event Monitoring (SIEM), Business resumption and contingency planning, cyber incident, and crisis management, etc.
• Experience with developing strategic planning, budgeting, and resource management.
• Highly motivated with an exceptional work ethics, problem solving skills, and demonstrated track record of influencing senior leaders and working with peers cross-functionally.
• One or more security certifications including CISSP, CISM, CCSP, CRISC, CISA