Senior Manager, Information Security

About The Position

Requirements

• Knowledge of healthcare industry frameworks and regulations, e.g. HIPAA and HITRUST.
• Knowledge of international information security frameworks and standards, e.g. NIST, ISO
• Alignment with Sound’s mission, vision and core values
• Experience managing a mix of in-house staff and service providers
• Bachelor’s Degree in a relevant field is required.
• 5-6 years of experience in relevant field

Nice To Haves

• Master’s degree is preferred.

Responsibilities

• Lead the design, implementation, and lifecycle management of enterprise-wide security technologies (e.g., SIEM, EDR, IAM, DLP, CASB).
• Drive secure-by-design practices across infrastructure and application development (DevSecOps).
• Evaluate and integrate emerging security tools to enhance detection, prevention, and response capabilities.
• Define and maintain security architecture standards and reference models.
• Oversee the Security Operations Center (SOC), including monitoring, incident response, and threat intelligence.
• Lead vulnerability management, threat hunting, and red/blue team exercises.
• Develop and maintain operational runbooks, escalation procedures, and incident response plans.
• Ensure continuous improvement of detection and response capabilities.
• Manage and mentor a team of security engineers and analysts.
• Evaluate team performance, define growth plans, and foster a culture of accountability and innovation.
• Provide coaching, feedback, and technical guidance to elevate team capabilities.
• Partner with IT, DevOps, Infrastructure, and Application teams to embed security controls across systems and services.
• Collaborate with GRC teams to support audits, risk assessments, and compliance initiatives.
• Provide technical input on policy development, control design, and remediation planning.
• Define and track KPIs for security engineering and operations.
• Deliver regular briefings to executive leadership on threat landscape, control maturity, and operational performance.
• Communicate effectively with stakeholders about security risks, incidents, and mitigation strategies.
• Align security initiatives with business objectives and regulatory requirements.
• Lead quarterly planning and execution of security projects.
• Track industry trends and emerging threats to inform strategic direction.

Benefits

• Medical insurance, Dental insurance, and Vision insurance
• Health care and dependent care flexible spending account
• 401(k) retirement savings plan with a company match
• Paid time off (PTO) begins accruing immediately upon start date at a rate of 15 days per year, in accordance with Sound's PTO policy
• Ten company-paid holidays per year