IT Security Manager/Remote

Job Summary

The IT Security Manager is responsible for developing, implementing, and managing the organization's information security program to protect systems, networks, applications, and data from cyber threats. This role leads security initiatives, manages security operations, ensures compliance with regulatory requirements, and works closely with business and technology teams to reduce security risks and strengthen the organization's security posture.

Key Responsibilities

• Develop, implement, and maintain information security strategies, policies, standards, and procedures.
• Lead security risk assessments, vulnerability management, and remediation programs.
• Oversee security monitoring, incident response, and cyber threat management activities.
• Ensure compliance with regulatory, legal, and industry security requirements.
• Manage security audits, assessments, and compliance reviews.
• Lead security awareness and training initiatives across the organization.
• Review and approve security requirements for infrastructure, applications, cloud environments, and technology projects.
• Manage identity and access management (IAM) processes and security controls.
• Collaborate with IT, business, audit, risk, and compliance teams to address security risks.
• Evaluate and implement security technologies, tools, and solutions.
• Manage third-party security assessments and vendor security reviews.
• Develop and maintain security metrics, dashboards, and management reports.
• Lead, mentor, and develop information security team members.
• Support business continuity, disaster recovery, and cyber resilience initiatives.

Required Qualifications

• Bachelor's degree in Information Technology, Cybersecurity, Computer Science, Engineering, or a related field.
• 7–10+ years of experience in information security, cybersecurity, IT risk management, or related disciplines.
• 3+ years of leadership or team management experience.
• Strong knowledge of cybersecurity principles, security architecture, risk management, and security operations.
• Experience with security frameworks, governance, and compliance requirements.
• Knowledge of network security, cloud security, endpoint security, and identity management.
• Strong communication, leadership, and stakeholder management skills.

Preferred Qualifications

• Professional certifications such as CISSP, CISM, CRISC, ISO 27001 Lead Implementer, or CCSP.
• Experience with security frameworks such as ISO 27001, NIST Cybersecurity Framework, CIS Controls, or COBIT.
• Experience in cloud security, security operations centers (SOC), and governance, risk, and compliance (GRC) programs.

Key Skills

• Information Security Management
• Cybersecurity Strategy
• Security Operations
• Risk Assessment & Risk Management
• Security Governance, Risk & Compliance (GRC)
• Vulnerability Management
• Incident Response & Threat Management
• Identity & Access Management (IAM)
• Cloud Security
• Network & Infrastructure Security
• Security Architecture Review
• Audit & Regulatory Compliance
• Vendor Security Management
• Team Leadership & People Management