Sr Manager Information Security

The Senior Manager, Information Security is responsible for proactively identifying, testing, and mitigating security gaps within the organization’s digital estate. This role is offensive and architectural in nature (NOT SOC/reactive). You will rigorously review security policies and architecture, continuously test the effectiveness of cybersecurity controls through simulation and validation exercises, and drive the remediation of identified weaknesses.

• Security Policy & Architecture Review
• Offensive Security Leadership
• 8–10 years of hands‑on experience in cybersecurity (focused on pen testing or threat hunting)
• 3+ years in a management level position with at least 1 direct report
• Proven experience in reviewing and auditing security policies and technical architectures for enterprise environments.
• Experience with Breach and Attack Simulation (BAS) tools (e.g., Attack
  
  IQ, Cymulate) or manual emulation frameworks (e.g., Atomic Red Team, MITRE CALDERA).
• Deep understanding of the MITRE ATT&CK framework and how to map specific controls to adversary tactics.
• Experience with Python for automation
• Strong knowledge of operating system internals (Windows, Linux) and network protocols (TCP/IP, DNS, HTTP/S).
• Familiarity with security control platforms (SIEM, EDR, IDS/IPS, Firewalls) and how to bypass or test them.
• Analytical Thinking:
  Ability to look at a complex system and identify the weakest link.

• OSCP (Offensive Security Certified Professional)
• CEH (Certified Ethical Hacker) Practical

Additional certifications in security architecture (e.g., CISSP, CISM) or cloud security (e.g., CCSP, AWS Security Specialty) are highly desirable.

$125K to $170K per year annual salary + bonus

Exact compensation may vary based on several factors, including skills, experience, and education.