Manager, Global Information Security

About The Position

Requirements

• 5+ years of people management experience, including hiring, performance management, coaching, and leading through change.
• 8+ years of experience in information security, technology risk, or related areas, with demonstrated progression in scope and impact.
• Strong risk management mindset: ability to assess risk, articulate tradeoffs, and drive practical mitigation plans that enable the business.
• Experience building and operating security governance (policies/standards, exceptions, metrics, and reporting) across a complex, multi-region organization.
• Proven ability to influence and partner across IT, legal, privacy, audit, and business stakeholders; executive-ready written and verbal communication skills.
• Demonstrated leadership in incident response coordination and investigations, with a focus on decision-making, communication, and continuous improvement.
• Strong prioritization and program management skills; able to manage multiple workstreams, dependencies, and timelines in a dynamic environment.
• Budget and vendor management experience, including defining outcomes, tracking performance, and managing renewals and contracts in partnership with procurement.
• Working knowledge of core security domains (identity and access management, network and endpoint security concepts, logging/monitoring, and data protection). Technical depth is less important than leadership and sound risk judgment.

Nice To Haves

• Relevant certifications (e.g., CISSP, CISM, CRISC, Security+) are preferred but not required; equivalent experience is valued.

Responsibilities

• Lead, coach, and develop a globally distributed team of information security professionals; set clear objectives, provide feedback, and support career growth.
• Own and mature the information security risk management program, including risk assessments, third-party risk input, and risk treatment plans aligned to business priorities.
• Run security exception governance (intake, analysis, approvals, renewals, and reporting), ensuring clear rationale and time-bound remediation plans.
• Provide leadership and consultation across key security domains, including: Security governance, policies, standards, and control oversight Security awareness and culture-building programs Incident response, including investigations and lessons learned Internal and third-party risk assessments and remediation tracking
• Collaborate with product and engineering teams on product security expectations and risk-based priorities
• Support regulatory, audit, and compliance initiatives by providing evidence, risk narratives, and program improvements

Benefits

• 401k with up to a 5% company match
• Fully funded pension plan that provides monthly benefits after retirement
• Comprehensive paid time off – minimum of 10 paid vacation days (additional days are provided with additional seniority/years of service), 12 paid holidays, and sick time
• Tuition reimbursement for continued education
• Medical, dental, and vision plans for you and your family
• Flexible spending accounts (FSA) and health savings account (HSA)
• Paid short-and long-term disability programs
• Life and accidental death and dismemberment insurance
• EAP services including wellness plans, estate planning, financial counseling and more