Information Security Manager

Job Description:

• Lead and manage Security Analysts responsible for security operations center (SOC) activities and security administration
• Oversee daily security monitoring, event triage, escalation handling, and incident response coordination
• Establish team priorities, assign work, and ensure timely completion of operational security tasks and remediation activities
• Develop and report on security operations metrics, trends, and performance indicators
• Oversee administration of security tools, including monitoring platforms, endpoint protection, vulnerability management, and access controls
• Manage user access administration, privileged access review support, and periodic access validation processes
• Ensure security controls are functioning effectively and that issues are tracked, escalated, and remediated
• Maintain team procedures, runbooks, and documentation for security operations and incident response
• Support the implementation, tuning, and effectiveness of security tools and monitoring capabilities
• Lead incident detection and response activities, including escalation to leadership when appropriate
• Coordinate with IT and system owners on containment, remediation, recovery, and lessons learned
• Monitor emerging threats and vulnerabilities and direct team focus accordingly
• Support audit readiness, assessments, and operational response exercises
• Manage, coach, and develop Security Analysts, including performance management and career development
• Promote consistency in investigation, documentation, escalation, and communication practices
• Partner with the CISO on staffing, workload planning, and operational maturity initiatives
• Collaborate with Audit, Risk, Compliance, and IT teams on control validation and issue remediation
• Support third-party reviews and audit follow-up activities
• Escalate material risks, control gaps, and resource concerns to the CISO
• Ensure alignment with organizational policies, standards, and regulatory requirements

• Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field required, or equivalent work experience
• 5 years of experience in information security, security operations, or a related technical discipline
• 2 years of people leader experience required
• Financial services or regulated industry experience preferred
• Prior experience leading or supervising technical or security teams preferred
• Experience in security operations, incident response, monitoring, access control, or vulnerability management
• Experience supporting audits, control reviews, or compliance activities preferred
• Relevant certifications preferred (e.g., CISSP, CISM, Security+, GIAC)
• Strong knowledge of security operations processes, incident triage, escalation, and control administration
• Familiarity with security tools such as SIEM, endpoint protection, vulnerability management, firewalls, IAM, and ticketing systems
• Understanding of identity and access management concepts, including privileged access and access reviews
• Working knowledge of enterprise environments (Windows, Linux, networking, cloud)
• Familiarity with frameworks such as NIST CSF and operational risk practices
• Strong leadership, communication, and organizational skills
• Ability to manage competing priorities and drive operational outcomes
• Strong analytical and problem-solving skills
• Ability to communicate effectively with technical teams, leadership, auditors, and business stakeholders
• Strong documentation skills and attention to detail.

• Health insurance
• Training and development opportunities
• Flexible work environment