Infosecurity Engineer
Role Overview
As a Senior Information Security Manager, this role designs and implements the organization's security strategy, oversees risk management, and ensures compliance with regulations like GDPR and HIPAA. Leading a team of security analysts, the position involves threat detection, incident response, and collaborating with IT teams to build secure architectures. The hire will have a significant impact on protecting systems and data against cyber threats, embedding security across the business.
Perks & Benefits
This is a fully remote position, offering flexibility in work location without specific time zone constraints mentioned. Career growth is supported through leadership opportunities, mentoring security teams, and driving security awareness programs. The role emphasizes a collaborative culture with cross-functional teams and senior leadership, focusing on professional development in a dynamic security environment.
Full Job Description
Position Overview
The Senior Information Security Manager is responsible for designing, implementing, and overseeing the organization’s information security strategy, ensuring that our systems, data, and assets remain protected against evolving cyber threats. This role requires a deep understanding of security frameworks, risk management, compliance requirements, and the ability to lead cross-functional teams in building a resilient security posture.
Key Responsibilities
1. Security Strategy & Governance
Develop and execute the organization’s information security roadmap aligned with business objectives.
Establish, maintain, and enforce security policies, standards, and procedures.
Implement governance frameworks such as ISO 27001, NIST CSF, CIS Controls, or equivalent.
2. Risk & Compliance Management
Identify, assess, and mitigate information security risks across the enterprise.
Ensure compliance with relevant regulations (e.g., GDPR, HIPAA, PCI DSS, SOX).
Manage security audits, penetration tests, and vulnerability assessments.
3. Threat Detection & Incident Response
Oversee continuous monitoring of systems for potential security breaches.
Lead and coordinate incident response efforts, including investigation, containment, eradication, and recovery.
Conduct root cause analysis and develop preventive measures.
4. Security Architecture & Technology
Work with IT teams to design secure architectures for applications, networks, and cloud services.
Evaluate, implement, and manage security tools such as SIEM, EDR, DLP, IAM, and WAF.
5. Leadership & Training
Lead and mentor a team of security analysts and engineers.
Drive security awareness and training programs across the organization.
Collaborate with senior leadership to embed security into all aspects of the business.
6. Vendor & Third-Party Security
Assess and manage security risks in third-party relationships.
Establish security requirements and SLAs with vendors and partners.
Qualifications & Skills
Education & Experience:
Bachelor’s or Master’s degree in Computer Science, Information Security, or related field.
8+ years of progressive experience in information security, with at least 3 years in a leadership role.
Industry certifications such as CISSP, CISM, CISA, GIAC, or equivalent.
Technical Skills:
Strong knowledge of security technologies and best practices.
Hands-on experience with cloud security (AWS, Azure, GCP).
Proficiency in threat modeling, penetration testing, and security architecture design.
Soft Skills:
Excellent leadership, communication, and stakeholder management skills.
Ability to translate technical risks into business impact.
Strong analytical and problem-solving abilities.
Similar jobs
Found 6 similar jobs
