Sr Mgr, Information Security

About The Position

Requirements

• 10+ years of progressive experience in information security, with significant focus on security engineering, security technologies, and operational enablement.
• Proven experience leading a security engineering team responsible for enterprise security tooling and technical controls.
• Strong leadership and people management skills, with experience developing and coaching teams of security professionals.
• In-depth knowledge of security technologies and controls such as network security, endpoint protection, identity and access security, privileged access concepts, logging and monitoring platforms, and security automation.
• Demonstrated success maturing engineering-related security processes such as log governance, access review enablement, detection reliability, control administration, and audit support.
• Ability to prioritize urgent operational work while continuing to deliver planned roadmap initiatives.
• Strong capability in translating technical security issues into concise, leadership-level communications and recommendations.
• Experience working cross-functionally with Legal, Audit, Infrastructure, HRIS, PMO, and other enterprise stakeholders.
• Familiarity with regulatory and control frameworks such as PCI, SOX, CCPA, and NIST 800-53.
• Excellent verbal and written communication skills, including the ability to communicate complex technical topics to non-technical stakeholders.

Nice To Haves

• Bachelor’s degree in computer science, Information Technology, Information Security, or related field, or equivalent relevant experience.
• Relevant certifications such as CISSP, CISM, or CISA are a plus.

Responsibilities

• Lead, develop, and mentor a team of Information Security Engineers responsible for the design, implementation, administration, and continuous improvement of security technologies and engineering processes.
• Own engineering accountability for security platforms, technical controls, integrations, automation, and supporting processes across the security program.
• Establish and enforce engineering standards for change control, identity hygiene, logging quality, detection reliability, platform resiliency, and operational supportability.
• Provide technical and business leadership that influences strategic planning, architecture decisions, and security roadmap priorities.
• Oversee the engineering lifecycle for security technologies, including selection support, implementation, optimization, maintenance, upgrades, and retirement.
• Identify tooling gaps, control weaknesses, operational friction points, and process inefficiencies, and drive improvements that increase effectiveness and reduce risk.
• Ensure security technologies are engineered and operated in a scalable, sustainable, and supportable manner.
• Develop and maintain engineering processes, documentation, standards, and playbooks that improve consistency and team effectiveness.
• Partner with Security Operations, Incident Response, and Compliance teams to ensure security controls and technologies effectively support monitoring, investigations, response, evidence collection, and audit readiness.
• Collaborate with Infrastructure, Identity, Legal, Audit, HRIS, PMO, and other cross-functional teams to implement and sustain security requirements in a practical and operationally effective way.
• Translate technical security issues into concise, leadership-level risk and capability narratives to support decision-making and alignment.
• Track and use meaningful engineering and operational metrics to demonstrate effectiveness, service quality, platform health, and improvement opportunities.
• Balance unplanned, high-priority operational engineering work with delivery of roadmap commitments and strategic initiatives.
• Drive maturity in engineering-related processes such as logging governance, access review enablement, platform administration, security automation, and control reliability.
• Select, develop, motivate, and retain a high-performing team of security engineers.
• Coach engineers through technical escalations, complex problem-solving, and high-pressure operational events.
• Foster a culture of accountability, collaboration, operational excellence, and continuous improvement.