Information Security Manager

Job Summary

The Information Security Manager is responsible for leading and executing day?to?day information security operations while contributing to the development and execution of Medline's enterprise information security strategy. This role manages a team of information security professionals and serves as a key escalation point for security incidents, operational issues, and risk decisions. The Information Security Manager partners closely with IT leaders and senior security leadership to ensure security controls, processes, and technologies are effective, measurable, and aligned with business objectives.

• Lead, coach, and develop a team of information security professionals, including hiring, onboarding, performance management, and career development.
• Serve as an escalation point for team members for technical, operational, and risk?based security decisions.
• Foster a culture of accountability, continuous improvement, and security awareness across the team.

• Oversee day?to?day security operations, including monitoring, detection, response, and remediation activities.
• Support and manage security incident response efforts, including investigation, containment, remediation, and post?incident reviews.
• Ensure on?call and monitoring coverage models are defined, maintained, and effective.

• Define and maintain security metrics and reporting to measure the effectiveness, efficiency, and maturity of the security program.
• Track and report progress against operational goals, KPIs, SLAs, and security initiatives.
• Provide clear, executive?ready reporting on security posture, incidents, and trends.

• Enforce and continuously refine information security policies, standards, and procedures.
• Partner with internal stakeholders to assess security risk and drive remediation of identified gaps.
• Support internal and external audits by ensuring evidence, controls, and processes are documented and operating effectively.

• Collaborate with senior security leadership to execute the information security roadmap and long?term strategy.
• Work closely with IT infrastructure, application, and business teams to ensure security requirements are embedded into projects and operations.
• Provide security input and guidance for new technologies, systems, and architectural changes.

Bachelor's degree in information technology, Cybersecurity, Computer Science, or a related field (or equivalent work experience).

None specified.

• 5+ years of experience in information security, with demonstrated experience in security operations, incident response, and risk management.
• 2+ years of experience leading or managing technical security teams.
• Strong understanding of security controls, monitoring, vulnerability management, and incident response practices.

• Strong knowledge of information security operations, including security monitoring, incident response, vulnerability management, and remediation workflows.
• Working knowledge of security controls, technologies, and operational processes across infrastructure, applications, and identity platforms.
• Ability to lead and manage a mixed team of security analysts and engineers, balancing operational demands with project execution.
• Proven skill in incident triage, escalation, and risk?based decision making in high?pressure operational scenarios.
• Strong project management skills, including planning, execution, tracking, and delivery of security initiatives and operational improvements.
• Ability to define, track, and report on operational metrics, KPIs, and remediation progress.
• Experience enforcing security policies, standards, and procedures in an enterprise environment.
• Strong analytical and problem?solving skills with the ability to identify root causes and drive corrective actions.
• Effective written and verbal communication skills, with the ability to clearly convey technical security issues to both technical teams and…