Information Security Manager

As the InfoSec Manager, you will be responsible for maintaining the high-performance level of our security programs, tools, and technologies. This will include providing the protections needed for the systems, network, databases, and communications.

Position is full-time, on-site. Option of locations:  The Greater Seattle, WA area or Greater Austin, TX area.

You must currently live in the United States. There is no C2C or sponsorship available.

What to expect:

• Supervise and manage the company cybersecurity program while providing comprehensive best practices and compliance of industry standards.
• Perform regular security assessments, vulnerability and penetration testing to ensure the safety of our applications and infrastructure.
• Work with multiple teams to detect potential security risks and develop proactive mitigation measures.
• Implement and enforce security policies, procedures, and training with the emphasis on security awareness.
• Lead the cybersecurity team, provide guidance, and act as mentor.
• Conduct security training for all company team members.
• Be a part of compliance audits and budget planning.
• Continuing education to be up-to-date with the current threats and solutions.
• Occasional on-call and travel needed to various company sites.

What you will need:

• 5 or more years of work experience in the field of Information Security.
• 4 or more years as a team manager in a critical infrastructure environment.
• Multiple IT security certifications, such as CISSP, SSCP Security+, CISSM or equivalent experience.
• Network security techniques such as Micro-segmentation, Proxy servers, Whitelisting, etc.
• Experience working with Microsoft Windows Server, Group Policy/Active Directory.
• Understanding of data diode hardware device.
• Familiarity with next-generation antivirus solutions.
• Background working to identify and mitigate phishing, social engineering tactics, and other cybersecurity threats.
• Knowledge of NIST, Zero Trust Architecture, Least Privilege Access, Operational Technology security, CIS Critical Security Controls, SaaS systems hardening best practices.
• Various management skills: Vulnerability, Identity and Access (SAML, MFA), Asset, Patch.
• Provide Defense in Depth strategy.

Kw: information security manager, infosec manager, cybersecurity, itsecurity, cissp, cissm, sscp security+, critical infrastructure, network security, micro-segmentation, proxy servers, whitelising, microsoft windows server, active directory, data diode, phishing, social engineering, nist, zero trust architecture, least privilege access, operational technology, critical security controls, saas systems hardening, vulnerability, identity and access, saml, mfa, asset, patch, defense in depth