Sr. Manager, Information Security

About The Position

Requirements

• 8+ years in Information Security, with substantial experience in security engineering and/or SecOps, including ownership of enterprise security tools.
• 3+ years acting as lead or service owner for at least two of: Qualys or equivalent enterprise vulnerability management platform, Netskope or equivalent SWG/CASB/ZTN, Enterprise DLP solution, Vectra or equivalent NDR.
• Demonstrated experience defining roadmaps, standards, and metrics, and driving cross functional implementation without direct people management authority.
• Proven track record of delivering metric-driven improvements (coverage, risk reduction, SLA performance).
• Deep knowledge of vulnerability management, web/cloud security, NDR, DLP, and offensive security (penetration testing/red teaming) concepts and operations.
• Experience integrating tools with SIEM, SOAR, EDR/XDR, ITSM, and CMDB, and designing robust data flows and use cases.
• Strong scripting and automation capability (e.g., Python, PowerShell, REST APIs) and experience guiding others in adopting automation patterns.
• Familiarity with frameworks and regulations such as NIST CSF, CIS Controls, HITRUST, SOC 2, HIPAA and ability to map them to tooling capabilities.
• Excellent analytical, communication, and collaboration skills; able to influence decisions and explain tradeoffs to both technical and nontechnical audiences.

Nice To Haves

• Advanced degree in Information Security, Computer Science, or related field, or MBA with technology focus.
• Certifications such as CISSP, GIAC (GCIH, GCIA, GMON), CISM, or vendor certifications for Qualys, Netskope, Vectra, or major DLP platforms.
• Experience in healthcare, medical devices, or other highly regulated environments.
• Proven experience leading SOAR and automation initiatives, from design through rollout and operationalization.

Responsibilities

• Serve as service owner and primary authority for: Qualys or equivalent vulnerability management, Netskope or equivalent SWG/CASB/ZTNA, Enterprise DLP or equivalent (endpoint, email, and/or cloud), Vectra or equivalent NDR platform.
• Define and maintain tool strategy, roadmap, and standards, including policies, configurations, and integration patterns.
• Coordinate with SecOps, Infrastructure, Cloud, Network, and Product/Cloud Security to prioritize backlogs and ensure tools support business and risk reduction objectives.
• Own the Qualys (or equivalent) operating model, including scan architecture, schedules, asset tagging, and authentication patterns across on prem, cloud, and endpoint assets.
• Define risk-based prioritization models, remediation SLAs, and exception processes in partnership with asset owners and SecOps.
• Establish and maintain dashboards and reports for coverage, vulnerability aging, SLA performance, and risk trends; use these to drive accountability with IT and business stakeholders.
• Lead the design and governance of DLP and Netskope (or equivalent) policies to protect sensitive data (e.g., PHI, PII, confidential IP) across web, cloud apps, endpoints, and email.
• Partner with Data Owners, Privacy, Legal, and Compliance to translate classification and regulatory requirements into implementable policies.
• Oversee tuning strategy, rollout plans, and exception handling, balancing protection with business productivity.
• Define and oversee detection engineering strategy for Vectra (or equivalent) NDR and related integrations into SIEM/SOAR and case management.
• Work with SecOps to design and refine detections, correlation rules, and playbooks leveraging NDR, CASB/SWG, DLP, EDR/XDR, and vulnerability data.
• Act as Tier3 escalation for incidents involving these tools and ensure post incident findings are translated into durable configuration, process, and automation improvements.
• Define and own KPIs/KRIs for security tooling, including: Vulnerability remediation rates and SLA adherence, Tool and sensor coverage across environments, DLP incident volumes, false positive rates, and closure times.
• Drive automation strategy and patterns using APIs, scripting (e.g., Python, PowerShell), and SOAR, guiding engineers who implement automations and contributing hands on as needed.
• Lead continuous improvement initiatives to reduce manual effort, improve data quality, and standardize workflows across SecOps and IT (e.g., standard runbooks, intake processes, and change patterns).
• Act as the primary point of contact for these tools with Infrastructure, Cloud, Network, Application Owners, and Product/Cloud Security.
• Create and maintain SOPs, runbooks, architectures, and knowledge articles for security tools and workflows; ensure they are adopted and kept current.
• Plan and deliver training, enablement, and communications for SecOps, IT, and other stakeholders on tool capabilities, dashboards, metrics, and best practices.
• Support audits, certifications, and customer security assessments where these tools and metrics are in scope, ensuring consistent, evidence-backed responses.
• Coordinate and oversee penetration testing and red team exercises (internal and third-party), aligning scope and objectives with key risks, products, and environments.
• Ensure findings from offensive security activities are prioritized, tracked, and integrated into vulnerability management, detection engineering, and process improvements.
• Partner with Product/Cloud Security, Infrastructure, and SecOps to design scenarios that validate controls, detections, and incident response playbooks.