Sr. Manager, Information Security

The Senior Manager of Information Security in IT is responsible for leading and overseeing an organization's information security program.

This includes developing and implementing strategies, policies, and procedures to protect the company's information assets, systems, and networks from potential threats and cyber-attacks.

The role involves conducting security risk assessments, enforcing security controls, and coordinating incident response efforts.

The ideal candidate should have a strong background in information security, risk management, and leadership skills. They will work closely with cross-functional teams and senior management to ensure compliance with security standards and promote a security-conscious culture.

Advanced certifications and relevant experience in information security management will be good for this position.

Essential Duties and Responsibilities :

Includes the following essential duties and responsibilities (other duties may also be assigned) :

• Overseeing and managing an organization's security initiatives to protect its assets, employees, and stakeholders
• Security Strategy : Develop and implement a comprehensive security strategy aligned with the IT organization's goals and risk profile
• Policy and Procedure Development : Establish and enforce security policies, procedures, and guidelines to ensure compliance with industry standards and regulations
• Risk Assessment : Conduct regular risk assessments to identify potential security vulnerabilities and develop mitigation plans
• Incident Management : Lead the response to security incidents, coordinating efforts to minimize the impact and recover from any breaches
• Physical Security : Implement measures to safeguard the organization's physical assets and facilities, including access controls and surveillance systems
• Cybersecurity : Oversee the deployment of cybersecurity measures to protect information systems, networks, and data from cyber threats
• Personnel Security : Ensure the organization follows appropriate practices for security training, and awareness programs
• Resource Management : Manage the staffing, and resource allocation efficiently
• Compliance : Ensure adherence to relevant security laws, regulations, and industry standards
• Vendor Management : Oversee security-related vendors and service providers to ensure they meet security requirements
• Security Awareness : Promote a security-aware culture throughout the organization through training and education initiatives
• Business Continuity Planning : Develop and test business continuity and disaster recovery plans to ensure the organization's ability to respond to disruptions effectively
• Reporting : Provide regular reports to senior management on security incidents, risks, and the overall effectiveness of security measures
• Security Audits : Collaborate with internal and external auditors to conduct security assessments and address any findings
• Emerging Threats and Technologies : Stay informed about the latest security trends, technologies, and threats to continuously improve the organization's security posture

Qualifications :

• Bachelor's or Master's degree in engineering discipline or relevant field preferred
• Minimum of 12 years’ experience in IT industry, with 6 years in management is highly desired
• Strong leadership and communication skills to lead a security team and collaborate effectively with cross-functional teams and senior management
• Strong analytical and problem-solving abilities to address complex security challenges
• Extensive experience in security management, with a proven track record of implementing and overseeing security programs
• Advanced certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA) is a plus
• In-depth knowledge of information security standards, frameworks, and best practices (e.g., ISO 27001, NIST, CIS Controls)
• Solid understanding of networking, systems, and information security principles
• Solid project management skills to manage multiple initiatives simultaneously

Salary Range

$177,600 - $224,400

The salary offered will depend on several factors, including your location, level, education, training, specific skills, years of experience, and comparison to other employees already in this role.

In addition to a comprehensive benefits package, candidates may be eligible for other forms of compensation, such as participation in bonus and equity award programs.