Information Security Manager

The Information Security Manager leads the organization’s day-to-day security operations and security administration functions. This role is responsible for managing Security Analysts, overseeing security monitoring and incident response activities, and ensuring operational security controls are executed effectively and consistently.

This position partners closely with the Chief Information Security Officer (CISO), IT, infrastructure, cloud, risk, audit, and business stakeholders to maintain and strengthen the organization’s security posture.

Essential Functions

• Lead and manage Security Analysts responsible for security operations center (SOC) activities and security administration

• Oversee daily security monitoring, event triage, escalation handling, and incident response coordination

• Establish team priorities, assign work, and ensure timely completion of operational security tasks and remediation activities

• Develop and report on security operations metrics, trends, and performance indicators

• Oversee administration of security tools, including monitoring platforms, endpoint protection, vulnerability management, and access controls

• Manage user access administration, privileged access review support, and periodic access validation processes

• Ensure security controls are functioning effectively and that issues are tracked, escalated, and remediated

• Maintain team procedures, runbooks, and documentation for security operations and incident response

• Support the implementation, tuning, and effectiveness of security tools and monitoring capabilities

• Lead incident detection and response activities, including escalation to leadership when appropriate

• Coordinate with IT and system owners on containment, remediation, recovery, and lessons learned

• Monitor emerging threats and vulnerabilities and direct team focus accordingly

• Support audit readiness, assessments, and operational response exercises

• Manage, coach, and develop Security Analysts, including performance management and career development

• Promote consistency in investigation, documentation, escalation, and communication practices

• Partner with the CISO on staffing, workload planning, and operational maturity initiatives

• Collaborate with Audit, Risk, Compliance, and IT teams on control validation and issue remediation

• Support third-party reviews and audit follow-up activities

• Escalate material risks, control gaps, and resource concerns to the CISO

• Ensure alignment with organizational policies, standards, and regulatory requirements

Required Education and Experience

•  Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field required, or equivalent work experience

• 5 years of experience in information security, security operations, or a related technical discipline

• 2 years of people leader experience required

• Financial services or regulated industry experience preferred

• Prior experience leading or supervising technical or security teams preferred

• Experience in security operations, incident response, monitoring, access control, or vulnerability management

• Experience supporting audits, control reviews, or compliance activities preferred

• Relevant certifications preferred (e.g., CISSP, CISM, Security+, GIAC)

• Strong knowledge of security operations processes, incident triage, escalation, and control administration

• Familiarity with security tools such as SIEM, endpoint protection, vulnerability management, firewalls, IAM, and ticketing systems

• Understanding of identity and access management concepts, including privileged access and access reviews

• Working knowledge of enterprise environments (Windows, Linux, networking, cloud)

• Familiarity with frameworks such as NIST CSF and operational risk practices

• Strong leadership, communication, and organizational skills

• Ability to manage competing priorities and drive operational outcomes

• Strong analytical and problem-solving skills

• Ability to communicate effectively with technical teams, leadership, auditors, and business stakeholders

• Strong documentation skills and attention to detail 

Physical Demands

While performing the duties of this job, the employee is frequently required to sit, stand, walk, visualize, talk, hear, and handle or touch objects or controls. The employee may occasionally lift, push, or pull up to 20 pounds.

This position is an office-based position where you must be able to sit for long periods of time. The employee will be working on a computer 90% of the time.