Senior Cybersecurity/ Information Security Manager - (Milpitas, CA) - Onsite

Overview

On Site
$180,000 - $210,000
Full Time

Skills

Cybersecurity Manager
information security governance
risk management
compliance
GRC
audit readiness
regulatory compliance
cloud security assurance
control assessments
evidence collection
cloud configurations
security compliance
internal audits
external audits
cross-functional teams
engineering
legal
IT
HR
DevOps
compliance teams
security controls
ISO 27001
ISO/IEC 27001
SOC 2
NIST CSF
PCI DSS
cloud environments
AWS
Azure
GCP
access controls
misconfigurations
risk indicators
information security policies
security procedures
security standards
risk assessments
gap analyses
threat modeling
security vulnerabilities
mitigation strategies
IAM reviews
Identity and Access Management
access control evaluation
firewall rule reviews
security group reviews
cloud configuration scanning
misconfiguration scanning
cloud assurance reporting
remediation
HIPAA
GLBA
GDPR
internal security audits
external assessments
evidence documentation
application security assessments
OWASP Top 10
secure code reviews
vulnerability scanning
penetration testing
SIEM
security alerts
incident response
endpoint protection
DLP
CSPM
vulnerability management
compliance tooling
security questionnaires
RFI
RFP
third-party risk assessments
vendor risk assessments
cloud security best practices
cybersecurity threats
cloud security trends
Bachelors degree
Masters degree
cloud risk reviews
IAM audits
Prisma Cloud
Wiz
AWS Config
Azure Security Center
NIST 800-53
Burp Suite
OWASP ZAP
Snyk
Nessus
security operations tools
communication skills
CISSP
CISM
CCSP
ISO 27001 Lead Implementer
AWS security certification
Azure security certification
GCP security certification
GIAC
GSEC
GCSA
Security+

Job Details

Hello,

My name is Pavan and I am a Talent Acquisition Specialist at Park Computer Systems, Inc., a Technology Consulting and Staffing company. After reviewing your resume, I believe that you may be a good fit for a job opening with one of our clients. The highlights of the position are:

Job Title: Senior Cybersecurity/ Information Security Manager

Location: Milpitas, CA 95035 (5 Days Onsite)

Duration: Full Time Permanent Role

Job Description:

We are seeking a hands-on Cybersecurity Manager with deep experience in information security governance, risk management, and compliance (GRC). The ideal candidate will lead efforts related to audit readiness, regulatory compliance, and cloud security assurance.

This role involves performing control assessments, managing evidence collection, reviewing cloud configurations for security and compliance, and supporting internal and external audits. You will collaborate with cross-functional teams across engineering, legal, IT, HR, DevOps and compliance to ensure that security controls are implemented, maintained, and continuously improved.

A strong understanding of security frameworks such as ISO/IEC 27001, SOC 2, NIST CSF, and PCI DSS is essential, along with hands-on experience evaluating cloud environments (AWS, Azure, or Google Cloud Platform) for access controls, misconfigurations, and other risk indicators.

What you will do:

  • Develop, implement, and maintain information security policies, procedures, and standards in alignment with business objectives and regulatory requirements.
  • Perform risk assessments, gap analyses, and threat modeling to identify security vulnerabilities and recommend appropriate mitigation strategies.
  • Conduct ongoing security and compliance assessments across cloud environments (AWS, Azure, Google Cloud Platform), focusing on:
    • Identity and Access Management (IAM) reviews
    • Access control evaluation and enforcement
    • Security group and firewall rule reviews
    • Cloud configuration and misconfiguration scanning
    • Cloud assurance reporting and remediation follow-up
  • Ensure compliance with major security frameworks and standards, including ISO/IEC 27001, SOC 2, PCI DSS, NIST CSF, and applicable regulatory requirements (e.g., HIPAA, GLBA, or GDPR depending on industry).
  • Lead internal security audits and support external audits and assessments by providing evidence, documentation, and technical guidance.
  • Perform application security assessments, including:
    • OWASP Top 10 testing
    • Secure code reviews
    • Vulnerability scanning
    • Penetration testing (manual and automated)
  • Monitor and respond to security alerts and incidents across applications and infrastructure, using SIEM and other detection tools.
  • Administer and optimize security platforms (e.g., vulnerability management, endpoint protection, DLP, CSPM, compliance tooling).
  • Support sales and business development by completing security questionnaires (RFI/RFP) and providing accurate security and compliance documentation.
  • Perform third-party/vendor risk assessments, ensuring alignment with internal security policies and risk tolerance.
  • Partner with cross-functional teams (Engineering, DevOps, Legal, Compliance, IT) to embed security and compliance best practices across systems, services, and processes.
  • Stay current with emerging cybersecurity threats, cloud security trends, frameworks, and best practices to enhance organizational defense posture.

What you need:

  • Education: Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Systems, or a related field.
  • Experience: 8+ years of progressive experience in information security, with a focus on cloud security assurance and GRC.
  • Cloud Knowledge: Strong familiarity with cloud security standards and tools in AWS, Azure, or Google Cloud Platform; experience conducting cloud risk reviews, IAM audits, and misconfiguration assessments (e.g., using tools like Prisma Cloud, Wiz, AWS Config, Azure Security Center).
  • Frameworks & Compliance: Deep understanding of ISO 27001, SOC 2, PCI DSS, NIST 800-53/CSF, and other major security and risk frameworks.
  • Security Testing: Hands-on experience with application security testing tools and techniques (e.g., Burp Suite, OWASP ZAP, Snyk, Nessus).
  • Tooling: Experience with security operations tools including SIEM, vulnerability management platforms, DLP, and CSPM.
  • Communication: Excellent written and verbal communication skills; capable of translating complex security topics into business language for stakeholders.

Preferred Certifications

  • CISSP, CISM, CCSP, ISO 27001 Lead Implementer
  • AWS/Azure/Google Cloud Platform security-related certifications
  • GIAC (GSEC, GCSA, or similar), Security+

If you believe that you are well qualified for this position and are currently in the job market, or interested in making a change, please do give me a call at - Ext 241 or reply to this email. When responding, please include your direct phone number, so that I may revert back to you promptly.

If this is your first exposure to Park Computer Systems, you can check us out at http:

Thank you for your time, and looking forward to a timely response from you.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.