
Information Security Manager

Job in San Juan, Hidalgo County, Texas, 00902, USA
Listing for: Kikoff
Full Time position
Listed on 2025-11-21
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Data Security, Information Security
Salary/Wage Range or Industry Benchmark: 125000 - 150000 USD Yearly

ABOUT THE ROLE

You’ll be our first dedicated security leader, owning the technical execution of our security and compliance program. You’ll drive SOC 2 and PCI DSS compliance, manage our vulnerability program, and build security capabilities that enable our engineering teams to move fast while staying secure. This is a hands‑on role—you’ll design controls, write policies, respond to incidents, and work directly with auditors.

This is initially an individual contributor role with high impact and visibility. As our security program matures, you’ll have the opportunity to build and lead a security team.

IN THIS ROLE, YOU WILL

Own Compliance
  • Lead SOC 2 Type II and PCI DSS programs through successful audit

  • Design and implement security controls without blocking velocity

  • Serve as primary technical contact for external auditors and assessors

  • Manage third‑party vendor security assessments and ongoing monitoring

  • Build automated evidence collection and continuous compliance monitoring

  • Report security metrics and program status to executive leadership

Manage Security Operations
  • Establish vulnerability management program with defined SLAs and remediation workflows

  • Own end‑to‑end vulnerability management: identify, assess, prioritize, and drive remediation to completion across infrastructure and applications

  • Manage external penetration testing program with third‑party vendors, including scoping, assessment review, and remediation tracking

  • Perform internal penetration testing and security assessments of applications, APIs, and infrastructure

  • Build SIEM detection rules, security dashboards, and alert triage processes

  • Develop and test incident response runbooks

  • Conduct threat modeling for critical systems and architectural changes

  • Lead security assessments of new technologies and third‑party integrations

Enable & Collaborate
  • Partner with platform engineering to implement security roadmap: AWS landing zone design, PAM/JIT workflows, account segmentation, disaster recovery testing

  • Enforce enterprise security controls (SSO, secrets management, RBAC)

  • Build and deliver security awareness training program for all employees

  • Develop and maintain security policies, standards, and procedures

  • Translate compliance requirements into actionable engineering tasks and drive completion

Security & Compliance
  • 5+ years in information security, with 2+ years in fintech or highly regulated industry

  • CISSP certification (or actively pursuing - must obtain within 12 months of hire)

  • Hands‑on experience leading SOC 2 and PCI DSS audits from start to finish

  • Strong incident response background—you’ve led real security incidents

  • Experience with vulnerability management platforms (Wiz, Snyk, Tenable)

Technical Skills
  • Solid understanding of AWS security: IAM, Security Hub, GuardDuty, CloudTrail, KMS

  • Experience with SIEM platforms (Splunk, Datadog, Elastic)—you can write detection rules and build dashboards

  • Hands‑on experience with vulnerability assessment and penetration testing tools (Burp Suite, Nessus, Qualys, or similar)

  • Ability to read code (Ruby, JavaScript, Python) and assess security implications

  • Knowledge of web application security, API security, and OWASP Top 10

  • Understanding of access control patterns (PAM, SSO, RBAC, least privilege)

Core Competencies
  • Strong communication—you can explain risks to engineers and executives alike

  • Pragmatic risk management in fast‑paced environments

  • Self‑starter who builds programs from scratch

  • Collaborative mindset—security as enabler, not blocker

  • Ability to drive remediation to completion across teams

NICE TO HAVE
  • Additional certifications (CISM, CISA, CCSP, CEH, OSCP, CRISC)

  • Experience managing WAF deployments (Palo Alto, Cloudflare, AWS WAF)

  • Infrastructure‑as‑code experience (Pulumi, Terraform)

  • Kubernetes security knowledge

  • SOAR platform experience

  • DevSecOps or security automation background

  • Scripting skills (Python, Bash) for security tooling and automation

Kikoff: A FinTech Unicorn Powering Financial Progress with AI

At Kikoff, our mission is to provide radically affordable financial tools to help consumers achieve financial security. We’re a profitable, high growth FinTech unicorn serving millions of people, many of whom are…
