InfoSec Manager
United States
Full Time
1 week ago
$119,000 - $161,000 USD
H1B Sponsor
Key skills
FirewallsSDLCSplunkLeadershipRisk ManagementCommunicationFirewall
About this role
Role Overview
- Provide direct supervision to the Security Operations and Compliance teams, fostering a collaborative environment that integrates real-time threat defense with long-term risk management
- Provide day-to-day leadership, mentorship, and resource management for the SecOps and Compliance teams
- Act as the primary liaison between the technical teams and the AOTO Information Security Officer (ISO) and Government Leads
- Develop and execute strategic security plans that align technical capabilities (SIEM, Firewalls) with policy requirements (NIST 800-53, JISF)
- Synthesize data from Security Operations and Compliance activities to provide executive-level reporting on the organization's risk posture, security trends, and program health
- Oversee the 24/7/365 efficacy of security tools and operational activities, including Incident Response (IR), Intrusion Detection/Prevention, and SIEM management (Splunk)
- Ensure timely triage, investigation, and remediation of security events, serving as the escalation point for critical incidents
- Direct the Vulnerability Management program, ensuring scans are conducted, analyzed, and remediation efforts are coordinated effectively across cross-functional IT teams
- Manage the implementation and maintenance of security infrastructure (Next-Gen Firewalls, Endpoint Protection, Web Gateways)
- Supervise the full lifecycle of Assessment & Authorization (A&A) activities, ensuring systems maintain Authority to Operate (ATO) in accordance with the Judiciary Information Security Framework (JISF) and NIST RMF
- Oversee the development and maintenance of System Security Plans (SSPs), POA&Ms, and other critical security documentation in the CSAM tool
- Ensure that new and existing systems integrate security controls early in the SDLC (Security by Design) and meet auditing requirements
- Review and approve policy updates, Standard Operating Procedures (SOPs), and Concept of Operations (CONOPS) documents
- Manage the IT Security Awareness Training and Phishing Simulation program, ensuring continuous improvement and high user engagement
- Collaborate with AOTO project managers and system owners to ensure security resources are appropriately allocated to ongoing projects
- Maintain awareness of emerging threat intelligence and regulatory changes to proactively adapt the program’s defense and compliance strategies
Requirements
- At least 10 years of progressive IT security experience, with a minimum of 3-5 years in a leadership or management role supervising teams
- Understanding of Security Operations architectures (SIEM, Firewall, IDS/IPS, Vulnerability Scanning) and Incident Response lifecycles
- Experience coordinating and overseeing the implementation of security projects
- Ability to manage diverse teams, prioritize conflicting demands, and drive performance towards meeting SLA/contractual requirements
- Excellent oral and written communication skills, with the ability to translate complex technical issues into business risks for senior management and government stakeholders
- Familiarity with enterprise tools such as Splunk, Nessus, CSAM, and Patch Management systems is a plus
- Knowledge of risk management framework pertaining to IT Security a plus
- Knowledge of general management and auditing techniques for identifying problems, gathering and analyzing pertinent information, forming conclusions, developing solutions and implementing plans consistent with management goals.
Tech Stack
- Firewalls
- SDLC
- Splunk
Benefits
- a variety of medical plan options
- some with Health Savings Accounts
- dental plan options
- a vision plan
- a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match
- full flex work weeks where possible
- a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave
- 15 days of paid leave per calendar year
- 10 paid holidays per year
- up to 160 hours of paid leave in a rolling 12 month period for eligible employees
- short and long-term disability benefits
- life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance