Information Security Manager
Austin, Texas, United States of America
Full Time
2 weeks ago
$100,000 - $160,000 USD
No Visa Sponsorship
Key skills
Cyber SecurityFirewallsLeadershipRisk Management
About this role
Role Overview
- Develop, implement, and continuously improve organizational information security policies, standards, and procedures.
- Ensure alignment of security policies with organizational goals, regulatory requirements, and industry best practices (e.g., NIST, ISO 27001).
- Monitor and enforce compliance with security standards for staff and third-party vendors.
- Conduct regular audits, gap analyses, and performance assessments of security policies and controls, addressing deficiencies and making recommendations.
- Conduct periodic risk assessments for IT systems, infrastructure, and vendors to identify vulnerabilities, threats, and weaknesses.
- Work with internal teams to mitigate known vulnerabilities and prioritize remediation strategies.
- Utilize vulnerability scanning tools and methodologies to proactively safeguard systems.
- Supervise the management and monitoring of security information and event management (SIEM) systems to promptly detect and respond to security breaches.
- Direct security incident response efforts, including managing containment, analysis, and remediation actions, and leading post-incident investigations.
- Analyze root causes of security violations and design proactive measures to prevent recurrence.
- Collaborate with cybersecurity teams, IT departments, and third-party vendors in supporting a robust incident response process.
- Oversee configuration, management, and monitoring of security systems, such as firewalls, intrusion detection/prevention systems, encryption protocols, and antivirus software.
- Safeguard sensitive data by managing access controls and permissions, ensuring compliance with data protection regulations such as GDPR, HIPAA, and CCPA.
- Implement and enforce secure protocols for data at rest, in transit, and during processing.
- Develop and deliver ongoing cybersecurity awareness and training programs to all organizational employees.
- Advocate for a security-first culture by providing guidance and resources to non-technical teams.
- Conduct phishing simulations and other exercises to assess and improve employee preparedness.
- Ensure compliance with relevant laws, regulations, and standards, such as SOC 2, PCI DSS, FISMA, or other industry-specific requirements.
- Maintain detailed documentation and prepare reports for stakeholders, auditors, and regulatory organizations.
Requirements
- 1-3 years of experience in the field for Level 1
- 4-7 years of experience in the field for Level 2
- 8 or more years of experience for Level 3
- Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field (desired)
- Minimum of 5 years of experience in information security, cybersecurity, or IT risk management (desired)
- At least 2 years in a leadership or managerial role in information security (desired)
Tech Stack
- Cyber Security
- Firewalls
Benefits
- Medical, Dental and Vision Insurance
- Wellness Program
- Flexible Spending Accounts (Healthcare, Dependent Care, Commuter)
- Short-Term and Long-Term Disability options
- Basic Life and AD&D Insurance (Company Provided)
- Voluntary Life and AD&D options
- 401(k) Retirement Savings Plan with matching after one year
- Paid Time Off