Information Security Manager (Contract)

About The Position

Requirements

• Bachelor's degree or equivalent in Computer Science, Cybersecurity, or related field.
• At least 7 years of experience in cybersecurity, with at least 2 years of experience in management.
• Strong understanding of cybersecurity frameworks, assessment processes, tools, and standards, such as NIST, ISO, and CIS.
• Proven ability to plan, manage, and communicate security programs and projects, with experience delivering measurable outcomes aligned with risk management goals.
• Advanced technical expertise in cybersecurity, including knowledge of security technologies, practices, and principles.
• Excellent communication and interpersonal skills, with the ability to build relationships with stakeholders at all levels of the organization.
• Strong leadership and project management skills, with the ability to motivate and lead cross-functional teams.
• Vendor risk management and third-party cybersecurity assessments, including understanding contract security requirements and SLAs.

Nice To Haves

• CISSP, CISM, or other relevant cybersecurity certifications are highly desirable.

Responsibilities

• Lead and oversee the development and execution of enterprise-wide cybersecurity programs that align with the organization's goals and objectives.
• Ensure that all programs are in compliance with cybersecurity frameworks, assessment processes, tools, and standards by maintaining governance over assessment processes, control implementations, and compliance validation activities.
• Direct and manage multiple security initiatives and cross-functional projects, providing leadership to contractors and internal teams to ensure timely and successful completion.
• Communicate program performance, risks, and mitigation strategies to stakeholders, including both technical and leadership teams.
• Establish and maintain program documentation, including program plans, project plans, and roadmaps.
• Mentor and support technical teams and contractors by providing subject matter expertise and fostering professional growth through guidance, coaching, and accountability.
• Monitor industry trends and best practices to identify opportunities for improvement in our cybersecurity programs.
• Collaborate with other teams within the organization to ensure that cybersecurity considerations are integrated into all aspects of business operations.
• Champion ongoing internal security advocacy and awareness training.
• Assess security systems and test applications and infrastructure for vulnerabilities and seek improvements on a continuous basis.
• Develop Cybersecurity best practices and security standards for the organization.
• Direct the execution of vulnerability assessments and penetration testing across applications, systems, and infrastructure, ensuring findings are prioritized and remediated.
• Lead incident response and threat management coordination efforts, ensuring contractors follow escalation protocols, post-incident analysis, and continuous improvement.
• Evaluate, select, and manage security tools and vendor relationships, ensuring solutions meet evolving organizational needs and contractual expectations.
• Track key metrics and provide regular reporting on security posture, risk remediation efforts, and contractor performance to leadership and audit stakeholders.

Benefits

• Comprehensive Extended Health & Dental Benefits
• Generous Paid Time Off, including annual vacation and personal days
• Hybrid Work Environment, offering flexibility to work both remotely and from our corporate offices