Information Security Operations Manager

Love Where You Work•Provo, UT

18h

About The Position

Responsible for implementing and managing operational cybersecurity controls, including identity and access management, change control, and vulnerability management. Accountable for maintaining secure configurations, enforcing least privilege, and ensuring compliance with security policies and frameworks. Collaborates with governance, architecture, and other teams for policy alignment and operational feasibility. Consulted on risk management, third-party coordination, and strategic security initiatives. ESSENTIAL FUNCTIONS AND BASIC DUTIES Implement and manage cybersecurity controls, including identity and access management, vulnerability management, and secure configurations. Assist with monitoring networks, systems, and user activity to detect and respond to potential cybersecurity threats. Participate in incident response and recovery plans, ensuring timely containment, mitigation, and communication. Perform vulnerability scanning, patch management, and remediation activities. Maintain configuration and change management processes to ensure compliance with security standards. Manage access controls, remote access, and enforce multi-factor authentication. Design and validate controls for data at rest and in transit, implement integrity checks, and enforce secure data disposal. Collaborate with governance, security architecture, and internal/external partners to align operations with organizational risk strategy. Continuously improve detection, protection, and response processes to address evolving threats. Ensure compliance with regulatory requirements, maintain audit logs, and provide security reporting to leadership. Works a regular and predictable schedule.

Requirements

Bachelor’s degree in Cybersecurity or related field or equivalent experience.
CISSP, GIAC, Security+, CEH
Knowledge or NIST CSF 2.0 or other cybersecurity frameworks.
Understanding of network security, identity and access management, vulnerability management, and SEIM and incident response processes.
Understanding of financial institution risk and operations.
Familiarity with regulatory and compliance requirements.
Minimum three years of experience in cybersecurity operation, penetration testing, or a related field.
Hands-on experience with SIEM tools, endpoint protection, and intrusion detection/prevention systems.
Proven track record in incident response and threat analysis.
Working knowledge of the framework policy and regulatory environment of information security, especially in financial services.
A demonstrated ability to work collaboratively with a broad range of constituencies essential.
Strong problem-solving and critical-thinking skills.
Good interpersonal and supervisory skills.
Solid technical expertise skills.
Excellent communication and collaboration abilities for cross-functional coordination.
Ability to manage multiple priorities in a fast-paced environment.

Responsibilities

Implement and manage cybersecurity controls, including identity and access management, vulnerability management, and secure configurations.
Assist with monitoring networks, systems, and user activity to detect and respond to potential cybersecurity threats.
Participate in incident response and recovery plans, ensuring timely containment, mitigation, and communication.
Perform vulnerability scanning, patch management, and remediation activities.
Maintain configuration and change management processes to ensure compliance with security standards.
Manage access controls, remote access, and enforce multi-factor authentication.
Design and validate controls for data at rest and in transit, implement integrity checks, and enforce secure data disposal.
Collaborate with governance, security architecture, and internal/external partners to align operations with organizational risk strategy.
Continuously improve detection, protection, and response processes to address evolving threats.
Ensure compliance with regulatory requirements, maintain audit logs, and provide security reporting to leadership.
Works a regular and predictable schedule.