Job Summary: The Information Security Manager is responsible for overseeing and enhancing the organization's information security posture. This role involves developing and enforcing security policies, conducting risk assessments, managing security incidents, and ensuring compliance with relevant regulations. The ideal candidate will have a strong background in cybersecurity, risk management, and IT infrastructure, along with excellent leadership and communication skills.
Key Responsibilities:
- Security Strategy Development: Develop, implement, and maintain a comprehensive information security strategy aligned with business goals and industry best practices.
- Risk Management: Conduct regular risk assessments and vulnerability audits to identify potential threats and implement mitigation strategies.
- Policy and Compliance: Develop, update, and enforce information security policies, procedures, and standards. Ensure compliance with regulatory requirements (e.g., GDPR, HIPAA, PCI DSS).
- Incident Response: Lead the incident response team, managing the identification, containment, and remediation of security breaches. Conduct post-incident analysis to improve future response efforts.
- Security Awareness Training: Design and deliver security awareness training programs for employees to promote a culture of security within the organization.
- Collaboration: Work closely with IT, legal, and other departments to ensure security measures are integrated into all aspects of the business.
- Technology Management: Oversee the implementation and management of security technologies such as firewalls, intrusion detection/prevention systems, encryption tools, and access controls.
- Monitoring and Reporting: Monitor security systems and networks for anomalies and suspicious activities. Generate regular reports on security status, incidents, and compliance metrics for senior management.
- Vendor Management: Evaluate and manage relationships with security vendors, ensuring that security products and services meet the organization's needs.
- Budget Management: Manage the information security budget, ensuring the efficient allocation of resources to meet security objectives.
- Continuous Improvement: Stay current with the latest security trends, threats, and technologies. Continuously improve security processes and tools to protect the organization against emerging threats.
Qualifications:
- Bachelor's degree in Information Security, Computer Science, or a related field. A Master's degree is preferred.
- 5 years of experience in information security or a related field, with at least 2 years in a managerial or leadership role.
- Strong knowledge of information security principles, practices, and frameworks (e.g., NIST, ISO 27001).
- Experience with risk management, vulnerability assessments, and security incident response.
- Proficiency in security technologies, including firewalls, IDS/IPS, SIEM, encryption, and access control systems.
- Relevant certifications such as CISSP, CISM, or CISA are highly desirable.
- Excellent leadership, communication, and project management skills.
- Ability to work under pressure and manage multiple priorities.
- Strong problem-solving and analytical skills.
What We Offer:
- Competitive salary and benefits package.
- Opportunities for professional development and career advancement.
- A collaborative and innovative work environment.
- Health, dental, and vision insurance.
- Retirement savings plan with company match.
- Paid time off and holidays.