IT Security Manager

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Security, or related field.
• 3-5 years of experience in IT security or related roles, with at least 1 year in management.
• Strong knowledge of: Firewalls, EDR/XDR, SIEM, DLP, IDS/IPS, and encryption technologies.
• Strong knowledge of: Cloud security (Azure, AWS, M365).
• Strong knowledge of: Identity and access management systems.
• Experience implementing or auditing against security frameworks (NIST CSF, ISO 27001, CIS, etc.).
• Excellent communication, project management, and leadership skills.

Nice To Haves

• CISSP – Certified Information Systems Security Professional
• CISM – Certified Information Security Manager
• CompTIA Security+ or CySA+

Responsibilities

• Develop and maintain the organization’s information security policies, standards, and procedures.
• Conduct risk assessments and define mitigation strategies aligned with business goals.
• Lead the implementation of cybersecurity frameworks such as NIST, ISO 27001, or CIS Controls.
• Ensure alignment with regulatory and industry compliance standards (GDPR).
• Manage endpoint, network, cloud, and application security operations.
• Oversee security monitoring, logging, and SIEM platforms (e.g. Crowdstrike, AWS CloudWatch, CloudTrail).
• Direct vulnerability management and patch compliance programs.
• Lead incident response planning, tabletop exercises, and post-incident reviews.
• Maintain and test disaster recovery (DR) and business continuity (BC) security elements.
• Manage IAM systems, privileged access, and role-based access controls.
• Ensure secure integration with Microsoft Entra ID / Azure AD, Active Directory, and SSO platforms.
• Build and maintain a security awareness program across the organization.
• Work towards securing Soc2 Type 2 Certification.
• Manage phishing simulations and targeted education for high-risk departments.
• Lead, mentor, and develop a team of security professionals.
• Collaborate with IT, compliance, HR, and legal teams to ensure unified risk management.
• Provide executive reporting on cybersecurity posture, KPIs, and incidents.
• Evaluate, procure, and manage cybersecurity tools and third-party vendors.
• Conduct vendor risk assessments and ensure contractual security obligations are met.
• Complete Vendor Information Security Questionnaires and Intake Sheets.

Benefits

• Medical & Dental Insurance
• Employer-Paid Vision
• Employer-Paid Short & Long-Term Disability
• Group Life Insurance
• 401(k) Offerings
• Employee Assistance Program (EAP)
• 120 Hours of Paid Time Off (PTO)
• 48 Hours of Sick Time (state dependent)
• 3 Floating Holidays
• 10 Paid Company Holidays: New Year’s Day, Memorial Day, Independence Day, Labor Day, Thanksgiving Day, Day After Thanksgiving, Christmas Eve, Christmas Day, New Year’s Eve