Information Security Manager (The Risk Guardian)

Introduction:

Are you a strategic thinker with a passion for protecting digital assets and ensuring that security protocols align with organizational goals? Do you have the leadership skills to guide a team in managing risks, preventing security breaches, and ensuring compliance with industry regulations? If you’re a proactive leader who thrives on building secure infrastructures and driving company-wide security initiatives, then our client is looking for you. We’re seeking an Information Security Manager (aka The Risk Guardian) to lead our security efforts and protect our company from emerging threats.

Imagine leading the charge in security for a fast-paced organization where your decisions safeguard sensitive data and ensure business continuity. As the Information Security Manager at our client, you’ll be responsible for creating and implementing security policies, managing risks, and leading a team of security professionals. This role isn’t just about reacting to threats—it’s about building a culture of security that spans the entire organization.

Key Responsibilities:

1. Information Security Strategy Development:

• Design and implement a comprehensive information security strategy that aligns with the company’s goals and regulatory requirements. You’ll establish a security roadmap that ensures the confidentiality, integrity, and availability of systems and data.

• Identify, assess, and manage security risks across the organization. You’ll ensure compliance with relevant regulations such as GDPR, HIPAA, and PCI-DSS, implementing industry best practices and standards like ISO 27001 and NIST.

• Lead, mentor, and manage a team of cybersecurity professionals, fostering a culture of continuous improvement, vigilance, and collaboration. You’ll ensure that your team is equipped with the necessary skills and tools to proactively defend the organization.

• Oversee the development and execution of a robust incident response plan. You’ll coordinate the detection, containment, and remediation of security breaches, ensuring that incidents are resolved quickly and efficiently.

• Develop, enforce, and update security policies, procedures, and guidelines that protect the organization from evolving threats. You’ll ensure that all employees are aware of and follow security best practices.

• Create and deliver company-wide security awareness programs to educate employees on their role in protecting the organization. You’ll help reduce the risk of human error by ensuring everyone understands security risks and how to avoid them.

• Assess and manage risks associated with third-party vendors, ensuring that they comply with the company’s security requirements. You’ll be responsible for conducting security audits and due diligence on external partners.

Requirements

Required Skills:

• Cybersecurity Expertise: Extensive knowledge of information security principles, including network security, identity management, encryption, vulnerability management, and security frameworks (ISO 27001, NIST, etc.).
• Leadership Excellence: Proven experience leading and mentoring a team of security professionals, with a track record of building strong security cultures. You’re a natural leader who can inspire your team to remain vigilant and proactive.
• Risk Management and Compliance Skills: Strong understanding of security risk management and regulatory compliance (GDPR, HIPAA, PCI-DSS). You know how to assess risks, implement controls, and ensure that the company complies with industry standards.
• Incident Response Expertise: Experience in developing and managing incident response plans, including threat detection, response, and remediation. You’re skilled in managing crisis situations and resolving security breaches quickly.
• Communication Skills: Exceptional ability to communicate security risks and strategies to both technical and non-technical stakeholders. You make complex security issues understandable, ensuring that everyone is aligned.
• Analytical Thinking: Excellent analytical skills with the ability to assess complex security issues and recommend effective solutions. You’re always thinking ahead and anticipating potential threats.
• Humor: A great sense of humor, because we believe in creating a work environment that is both productive and enjoyable. If you can keep the team motivated and calm during security challenges, you’re our kind of leader.

Educational Requirements:

• Bachelor’s or Master’s degree in Cybersecurity, Information Technology, or a related field. Equivalent experience with a proven track record in information security management is also valued.
• Certifications such as CISSP, CISM, CRISC, or CISA are highly desirable. If you’ve contributed to security research or published papers on information security, that’s a bonus.

Experience Requirements:

• 7+ years of experience in information security, with at least 3-5 years in a management role such as Security Manager, Information Security Officer, or similar. You’ve successfully led security teams and managed enterprise-wide security programs.
• Proven experience in managing security for large-scale IT environments, particularly in industries such as finance, healthcare, or technology.
• Experience with cloud security, threat intelligence, and managing security for hybrid IT environments.

Benefits

Benefits:

• Health and Wellness: Comprehensive medical, dental, and vision insurance plans with low co-pays and premiums.
• Paid Time Off: Competitive vacation, sick leave, and 20 paid holidays per year.
• Work-Life Balance: Flexible work schedules and telecommuting options.
• Professional Development: Opportunities for training, certification reimbursement, and career advancement programs.
• Wellness Programs: Access to wellness programs, including gym memberships, health screenings, and mental health resources.
• Life and Disability Insurance: Life insurance and short-term/long-term disability coverage.
• Employee Assistance Program (EAP): Confidential counseling and support services for personal and professional challenges.
• Tuition Reimbursement: Financial assistance for continuing education and professional development.
• Community Engagement: Opportunities to participate in community service and volunteer activities.
• Recognition Programs: Employee recognition programs to celebrate achievements and milestones.