Information Security Manager

Mariani Landscape•Lake Bluff, IL

2d•$119,200 - $146,600•Onsite

About The Position

Mariani Premier Group is seeking top talent to join our team as an Information Security Manager. The Information Security Manager is responsible for managing and executing the company’s information security program. This role is highly hands-on and requires strong technical proficiency across cybersecurity operations, infrastructure security, Microsoft Azure, Microsoft 365, endpoint protection, incident response, and risk management. Reporting to an IT Director, this individual will serve as the primary owner of day-to-day information security activities and will work closely with IT, operations, field service teams, business leaders, and external partners to protect the confidentiality, integrity, and availability of company systems and data. This is an individual contributor role with no direct reports. The successful candidate must be comfortable both leading the security program and personally performing the technical work required to maintain, improve, and monitor the company’s security posture.

Requirements

Minimum of 5+ years of hands-on experience in cybersecurity, information security, infrastructure security, systems administration, or a related technical discipline.
Demonstrated ability to manage and execute core security functions without relying on a large internal security team.
Strong technical experience with incident response, vulnerability management, endpoint security, identity and access management, security monitoring, and threat mitigation.
Solid understanding of cybersecurity principles, common attack techniques, security controls, risk management, and infrastructure hardening.
Hands-on experience securing Microsoft Azure and Microsoft 365 environments, including creation and maintenance of automation scripts.
Familiarity with Microsoft security tools such as Microsoft Defender, Entra ID, Intune, Purview, Sentinel, or related technologies preferred.
Experience supporting security in environments with remote workers, mobile devices, distributed locations, or field service operations strongly preferred.
Ability to evaluate security risks and recommend practical, business-aligned remediation steps.
Strong documentation skills, including the ability to maintain policies, procedures, standards, incident records, and risk registers.
Comfortable communicating security topics to both technical and non-technical audiences.
Ability to work independently, prioritize effectively, and drive security work to completion.
Experience with disaster recovery, business continuity, backup protection, and ransomware preparedness preferred.

Nice To Haves

Security certifications such as CISSP, CISM, CISA, Security+, CySA+, GSEC, or similar are preferred but not required.
Infrastructure, cloud, or Microsoft certifications are a plus.

Responsibilities

Manage and execute the company’s information security program, including policies, procedures, controls, security standards, risk assessments, remediation tracking, and ongoing security improvements.
Perform day-to-day security activities, including monitoring security tools, reviewing alerts, investigating suspicious activity, coordinating remediation, managing vulnerabilities, and improving detective and preventive controls.
Assess, implement, and maintain security controls across enterprise systems, including infrastructure, endpoints, identity platforms, cloud environments, field service applications, mobile devices, and the Microsoft Azure and Microsoft 365 ecosystems.
Maintain and execute the company’s incident response process. Investigate security events, coordinate containment and remediation efforts, document incidents, and work with internal teams and external partners as needed.
Identify and address cybersecurity risks related to field service scheduling systems, mobile device usage, remote workforce access, geographically dispersed operations, and field technician workflows.
Perform or coordinate vulnerability assessments, risk reviews, security control evaluations, and remediation efforts. Prioritize findings based on business impact, likelihood, and operational risk.
Support and improve identity and access management practices, including user access reviews, privileged access controls, multi-factor authentication, conditional access, endpoint security, and device compliance.
Configure, monitor, and improve security across Microsoft Azure and Microsoft 365 environments, including Entra ID, Defender, Purview, Exchange Online, SharePoint, Teams, Intune, and related security capabilities.
Support disaster recovery and business continuity planning from a cybersecurity perspective. Assist with backup protection, recovery testing, ransomware readiness, and resilience planning.
Maintain security documentation, policies, procedures, standards, risk registers, audit evidence, and compliance-related materials. Help ensure alignment with applicable cybersecurity best practices and business requirements.
Promote a practical security awareness culture across the organization, including field technicians, office staff, operations teams, and business users. Support phishing simulations, user education, and security communications.
Assist with security reviews of vendors, service providers, software platforms, and third-party integrations. Track risks and coordinate follow-up remediation where needed.
Work closely with infrastructure, applications, service desk, operations, and business stakeholders to identify security needs, resolve issues, and implement practical security improvements.