Information Security Manager

Help Shape the Future of Secure Innovation

At RS21, we’re on a mission to use data, design, and technology to make the world healthier, safer, and more resilient. We believe in the power of collaboration, the strength of diverse voices, and the responsibility to safeguard the information entrusted to us. We're looking for an Information Security Officer who shares our values and is excited to help us scale securely as we grow.

This is more than just a technical role—it’s an opportunity to lead a people-centered security program in a company that values both innovation and integrity. You’ll guide our path to ISO 27001 certification, collaborate across teams to maintain our Information Security Management System, and build practices that keep our people, partners, and platforms safe.

• Champion the implementation of ISO 27001:2022 and maintain our Information Security Management System (ISMS).
• Craft clear, actionable security policies and procedures that reflect our values and meet client needs.
• Design systems and processes that support growth without sacrificing security.

• Conduct regular risk assessments and gap analyses to ensure we stay ahead of threats.
• Align RS21’s security practices with frameworks like NIST, HIPAA, FedRAMP, and ISO 27001.
• Collaborate with Professional Services, IT, and Business Development teams to respond to client audits and questionnaires.

• Detect and respond to cybersecurity threats in real time.
• Partner with our IT team to ensure network architecture, access controls, and endpoint security are strong and future-proof.
• Manage penetration testing and vulnerability assessments on a regular cadence.

• Build and lead security training that goes beyond compliance—fostering a culture of shared responsibility and awareness.
• Communicate clearly and consistently, ensuring security becomes part of how we work, not a barrier to getting work done.

• Serve as a trusted point of contact for client security conversations.
• Proactively support our business development and professional services teams with documentation, certifications, and compliance storytelling.

• 5+ years of experience in information security, risk management, or IT security.
• Hands-on experience with ISO 27001 implementation and certification.
• Working knowledge of frameworks like NIST 800-53 and 800-171, HIPAA, SOC 2, or CIS Controls.
• Strong writing and communication skills—you can explain security concepts clearly to both technical and non-technical teams.
• U.S. citizenship or permanent residency (due to contract requirements).

• Certifications such as CISSP, CISM, CISA, or ISO 27001 Lead Implementer.
• Experience working with federal clients or managing sensitive data environments.
• Familiarity with SaaS/cloud infrastructure, Dev Sec Ops , and modern security tools (SIEMs, endpoint protection, vulnerability scanners).

We’re not just another data company. We’re designers, engineers, analysts, scientists, and storytellers who care deeply about using our skills to make a difference. At RS21, you’ll find:

• A people-first culture that values your perspective.
• Opportunities to work on projects with real-world impact.
• A collaborative environment that encourages learning and experimentation.
• A flexible, remote-first workplace with team hubs in key locations.

If you're passionate about building smart, scalable security systems that enable innovation—and you're looking for a team that values curiosity, purpose, and trust—we’d love to meet you.