Information Security Manager

Core Values

PROVIDE our customers with the best combination of service, rates, and fees. PROMOTE sustainable careers for our employees so that they can be enriched personally and professionally. GIVE BACK to our community. These are the core values of NOVA Home Loans in which we act on employee feedback and implement changes that will make NOVA Home Loans a better place to work and promote a higher level of service to our clients.

The Information Security Manager (ISM) acts as an interface between the strategic activities and the tactical work of the technology-focused members of the Technical Services organization. The ISM must be able to translate the IT-risk requirements and constraints of the business into technical control requirements and specifications, as well as develop metrics for ongoing performance measurement and reporting. The ISM coordinates the IT organization's technical activities to implement and manage security infrastructure, and to provide regular status and service-level reports to management.

Work Location: This is an onsite position based out of our corporate office in Tucson, AZ. Remote opportunities are not available for this position.

Evolving as an Information Security Manager by having

• High School diploma or GED is required.
• 5+ years of experience in Information Technology, with at least 2 years in information security, risk management, or compliance roles.
• Bachelor s degree in a related field or 7+ years of equivalent work experience in IT or security roles.
• Familiarity with legal and regulatory requirements (GLBA, CCPA, GDPR, NIST 800-53).
• Preferred certifications include: CISSP, CISM, CEH, CRISC, CCSP.

Exciting Opportunities to Grow by

• Conduct risk, business impact, and vulnerability assessments to prioritize security initiatives.
• Evaluate, deploy, and manage advanced security tools, including endpoint detection, SIEM, and cloud-native solutions.
• Lead the development and execution of NOVA s incident response program, including tabletop exercises, breach simulations, and coordination with external partners.
• Propose and implement updates to security policies and procedures to enhance efficiency and ensure compliance with regulations (e.g., GLBA, CCPA).
• Monitor and report on policy compliance and enforcement across the IT department, using automated dashboards and metrics.
• Act as a liaison with vendors, legal, and procurement teams to negotiate contracts and service-level agreements.
• Collaborate with stakeholders to identify information asset owners and implement a data classification and control framework.
• Analyze the current and emerging threat landscape to provide executive leadership with actionable risk and threat assessments.
• Support legal and regulatory compliance efforts, including audit preparation and response.
• Maintain a knowledgebase of technical references, security advisories, threat intelligence, and regulatory updates.
• Mentor and train junior security staff to build a high-performing team.
• Drive secure software development practices in collaboration with DevOps and engineering teams.
• Perform other duties as assigned to support the security program and organizational objectives.

Show us your growth with

• Proven leadership and stakeholder management skills to collaborate with business leaders, IT teams, and external partners.
• Expertise in developing and maintaining security policies, procedures, and standards aligned with frameworks like CIS Top 20 or NIST CSF.
• Experience with cloud security architectures (e.g., AWS, Azure), zero-trust models, and DevSecOps practices.
• Proficiency in Agile methodologies to manage security projects and tool deployments.
• In-depth knowledge of network protocols, cryptography, and secure software development principles.
• Familiarity with threat intelligence platforms and AI-driven security analytics.
• Strong analytical and problem-solving skills to address complex security challenges under pressure.
• Exceptional communication skills to translate technical risks into business terms for non-technical stakeholders.
• Ability to manage multiple projects in a fast-paced environment while meeting deadlines.
• Commitment to continuous learning and staying current with cybersecurity trends and threats.
• Discretion in handling sensitive customer and organizational data.

Benefits Offered...

NOVA benefits to full time employees include Employee Discount, Paid Time Off, Health/Dental/Vision/Life/Disability Insurance, 401(k) with an employer match, Health Savings Account with employer contribution, and an Employee Assistance Program

NOVA is an equal opportunity employer, substance-free workplace, and complies with the Americans with Disability Act regulations as applicable.

All applicants are considered for all positions without regard to race, religion, color, sex, gender, sexual orientation, pregnancy, age, national origin, ancestry, physical/mental disability, medical condition, military/veteran status, genetic information, marital status, ethnicity, alienage, or any other protected classification, in accordance with applicable federal, state, and local laws. Equal access to programs, services, and employment is available to all qualified persons. Those applicants requiring accommodation to complete the application and/or interview process should contact the Human Resources department at NOVA Home Loans.