Manager, Information Security

Overview

The Manager, Information Security is responsible for implementing Coverys’ information security strategy and policy, assisting in its development to safeguard the organization against threats, weaknesses, and exploits. This role involves overseeing and performing "hands‑on" work with the global security team and broader business to implement and maintain best‑practice processes, procedures, and appropriate technology, and to advance the organization’s maturity through alignment with NIST CSF
2.0.

• Develop and implement Coverys’ information security strategy and policy.
• Partner closely with the Head of Governance and Security to execute the security strategy roadmap.
• Implement and update security, resilience, and information governance standards and procedures, using external benchmarks and ensuring adherence.
• Oversee an ongoing vulnerability and operational resilience program, including regular external testing.
• Collaborate with internal audit to develop a plan that assures the effectiveness of security, resilience, and compliance of services.
• Work with Compliance and Legal teams to document regulatory obligations and maintain compliance.
• Oversee planning and execution of security or resilience‑related external audits.
• Engage with transformation teams to make security and resilience inherent to delivery and allocate necessary resources.
• Benchmark security delivery against NIST CSF
  2.0 and develop plans to increase maturity from both a policy and practice perspective.
• Review and maintain toolsets for monitoring, protecting from, and responding to cyber incidents.
• Ensure timely and viable incident‑response processes are in place.
• Collate and report on security governance metrics to leadership, maintaining key metrics of security operations progress.
• Oversee team activities, ensuring clarity of roles, appropriate resource allocation, and staff training in security awareness.
• Manage partners, stakeholders, vendors, and third‑party service or solutions providers of relevant IT security services.
• Carry out supervisory responsibilities in accordance with organizational policies and applicable laws, including hiring, training, performance appraisals, and disciplinary actions.

• Bachelor’s degree in Computer Science, Information Systems, or a STEM subject from an accredited college or university – required.
• 5–8 years of operational experience in information security within a regulated environment – required.
• 2–3 years of experience in a supervisory role – required.
• Professional certification in information security (e.g., CISA, CRISC, CISSP, or CISM) – highly preferred.
• Experience managing information security audits – required.
• Experience in an environment with regulatory requirements such as HIPAA – required.
• Strong technical skills, including firewall technologies, vulnerability management and remediation across various platforms, and cloud security in Azure or AWS – required.
• Excellent interpersonal and communication skills, with the ability to influence stakeholders – required.
• Knowledge of firewalls and identity management, and security in M365 and Azure – highly preferred.
• Knowledge of MSPurview – highly preferred.
• Eligibility to work in the United States without sponsorship or restriction – required.

Base salary range: $159,700 – $187,900.

Benefits are available from day1 of employment.

Coverys is an equal‑opportunity employer. Coverys’ job openings are open to all without regard to race, color, national origin, gender, gender identity, religion, age, weight, disability, political beliefs, sexual orientation, marital status, family status, or veteran status.