Manager, Information Security

viva health•Birmingham, AL

63d

About The Position

The Manager of Information Security oversees and mentors a team of security engineers while remaining hands-on in designing, implementing, and monitoring security measures that safeguard the organization's digital assets. This individual will need a broad and strategic knowledge of principles, practices, and procedures in information security to plan, design, develop, execute, and support critical systems and projects. This role will lead the planning, design, enforcement, and audit of enterprise-wide security policies and procedures which safeguard the integrity of and access to enterprise systems, files, and data elements while actively engaging in tactical execution. This position will continuously assess, refine, and implement data security strategies proactively advising leadership with actionable risk assessments and security briefings. This individual evaluates and deploys emerging technologies, collaborates across IT Operations and Development, and strengthens organizational resilience by championing employee education, security culture, security best practice, and continuous improvement. This role drives value by balancing leadership responsibilities with direct technical contributions, ensuring scalable protection aligned with future business growth.

Requirements

Bachelor's Degree in Information Systems or related field or equivalent work experience
7 years of I.T. environment experience with progressive responsibilities
3+ years management experience in I.T.
Expertise in risk assessment tools, methodologies, and data-driven decision-making
Proficiency of security platforms such as: endpoint detection and response (EDR), internet traffic for both onsite remote users, and intrusion prevention (IDS/IPS/DLP)
Knowledge of databases (MSSQL/MongoDB/MySQL)
Advanced skills in Azure cloud including Purview and Defender
Hands on experience in penetration testing and vulnerability management
Knowledge of firewall and intrusion detection/prevention protocols
Proven ability to lead system administration and security across diverse environments (Windows, UNIX, Linux)
Skilled in drafting, enforcing, and scaling security policies, standards, and procedures
Strong communicator who can translate complex security risks into actionable business terms for executives
Ability to read and use the results of mobile code, malicious code, and anti-virus software

Nice To Haves

CISSP, CISM, or equivalent advanced certifications
Knowledge of disaster recovery, computer forensic tools, technologies, and methods
Strong understanding of software development frameworks and code review
Knowledge of virtualization technology

Responsibilities

Direct and actively contribute to day-to-day security operations.
Perform hands on technical work in daily security operations while guiding team performance.
Lead the development and enforcement of comprehensive, scalable security policies and frameworks.
Recommend, implement, and optimize security protections across enterprise systems.
Conduct and oversee vulnerability assessments, mitigation, and remediation strategies.
Monitor and interpret threat intelligence using organizational tools.
Research, identify, and deploy solutions that strengthen the organizations cyber defense posture.
Detect, investigate, and resolve potential security breaches.
Participate in the vetting and management of third-party vendors and business associates.
Drive enterprise-wide risk assessments with quantifiable, business-aligned outcomes.