Manager of IT Security

Radwell International•Willingboro Township, NJ

1d•$110,000 - $150,000•Hybrid

About The Position

The Manager of IT Security is responsible for developing, implementing, and maintaining the organization's information security program. This role serves as the primary subject matter expert on cybersecurity strategy, risk management, compliance, and incident response. The Manager of Security works cross-functionally to protect company data, systems, and infrastructure against evolving threats while ensuring alignment with business objectives and regulatory requirements. Other tasks may also be required from time to time, at the discretion of management, in order to achieve department and company objectives. This potion will also require team leadership, support, and training for the Infrastructure, IT Support, and Development teams.

Requirements

Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field (or equivalent experience).
7+ years of progressive IT experience, with 3–5 years in a dedicated security role.
Demonstrated experience managing enterprise security programs across on-premises and cloud environments.
Strong knowledge of identity and access management, network security, endpoint protection, and vulnerability management.
Hands-on experience with Microsoft security technologies (Entra ID, Defender suite, Sentinel, Purview).
Experience leading incident response efforts and conducting forensic investigations.
Excellent communication skills with the ability to convey technical risk to non-technical audiences.
Ability to monitor and plan for the security of complex systems and to provide IT teams with recommended security configurations to be consistent with company policies/procedures to ensure compliance.
Ability to communicate technical/complex information both verbally and in writing.
Ability to establish and maintain cooperation, understanding, trust and credibility.
Ability to perform multiple tasks concurrently and respond to emergency situations effectively.
Work independently with little or no supervision.
Ability to multi-task.
Ability to work at fast pace.
Attention to detail.
Ability to problem solve.
Strong writing and communication skills.
Sensitivity to user needs.
Interpersonal skills are a must.
Must be thorough.

Nice To Haves

One or more industry certifications: CISSP, CISM, CISA, CEH, Security+, or equivalent.
Experience with hybrid Active Directory environments and group policy management.
Familiarity with SIEM platforms (Microsoft Sentinel, Splunk, etc.) and SOAR automation.
Experience supporting compliance programs (SOC 2, PCI-DSS, ISO 27001, or similar).
Prior experience in manufacturing, distribution, or industrial environment is a plus.

Responsibilities

Develop and maintain the enterprise information security strategy, policies, standards, and procedures.
Define and enforce security frameworks aligned with industry best practices (PCI-DSS, GDPR, NIST CSF, ISO 27001, CIS Controls).
Lead the Information Security risk management program, including risk assessments, risk registers, and mitigation planning.
Report on the security posture of the organization to senior leadership and stakeholders on a regular basis.
Design enterprise security architecture across infra, apps, APIs, and data.
Lead risk management program and executive reporting.
Oversee security configuration and hardening of network infrastructure, endpoints, servers, cloud environments, and identity platforms.
Partner with IT operations and architecture teams to embed security into infrastructure design and change management processes.
Manage and optimize security tooling including SIEM, EDR/XDR, firewalls, IDS/IPS, DLP, PAM, and vulnerability management platforms.
Ensure secure administration of Microsoft Entra ID, Active Directory, and M365 environments including conditional access, MFA, and privileged identity management.
Own and continuously improve the Incident Response Plan (IRP), including playbooks, escalation paths, and post-incident reviews.
Lead the investigation and remediation of security incidents, breaches, and threat events.
Manage threat intelligence feeds and coordinate with external partners, MSSPs, and law enforcement as appropriate.
Conduct tabletop exercises and simulations to test organizational readiness.
Ensure compliance with applicable regulatory requirements and frameworks (e.g., SOC 2, CMMC, PCI-DSS, GDPR) as relevant to the business.
Serve as the primary point of contact for security audits, assessments, and third-party reviews.
Maintain documentation and evidence required for audits and certifications.
Manage the vendor and third-party risk assessment program.
Design and administer a company-wide security awareness training program, including phishing simulations.
Promote a culture of security-first thinking across IT and business functions.
Serve as a trusted advisor to business units on security requirements for new projects and technologies.
Lead, mentor, and develop a team of security analysts and/or engineers.
Define team goals, performance metrics, and professional development plans.
Manage relationships with external security vendors, consultants, and managed service providers.
Embed security into CI/CD pipelines (GitHub Actions / Azure DevOps).
Implement SAST, DAST, SCA, secrets scanning.
Enforce secure coding (OWASP Top 10).
Perform threat modeling (STRIDE).
Secure microservices and supply chain (SBOM).
Secure APIs using OAuth2, OIDC, JWT.
Implement API gateway controls (rate limiting, auth).
Monitor API traffic and anomalies.
Secure Azure workloads including AKS, Functions, Storage.
Implement Defender for Cloud, Sentinel.
Enforce identity and access governance.
Implement data classification and DLP.
Encrypt sensitive data.
Leverage Microsoft Purview.
Define security for AI/LLM systems.
Prevent data leakage and model misuse.