Information Security (InfoSec) Program Manager

About

The Information Security (InfoSec) Program Manager is a strategic leader responsible for orchestrating large-scale, cross-functional security initiatives within a dynamic and ambiguous business landscape. Leveraging more than 15 years of experience in information security, risk management, and program delivery, this individual possesses the vision, subject matter expertise, and executive presence to drive enterprise-wide improvements in security posture, regulatory compliance, and organizational resilience.

Key Responsibilities

• Lead and orchestrate large-scale, cross-functional security programs and initiatives across the enterprise.
• Drive strategic improvements in the organization's security posture, ensuring alignment with business objectives in ambiguous environments.
• Oversee risk management processes, including identification, assessment, mitigation, and reporting to executive stakeholders.
• Ensure compliance with relevant regulatory standards (e.g., GDPR, NIST, ISO 27001) through program design and execution.
• Collaborate with cross-functional teams, including IT, legal, operations, and executive leadership, to build organizational resilience against cyber threats.
• Develop and implement metrics, dashboards, and reporting mechanisms to measure program success and security maturity.
• Mentor security teams and foster a culture of security awareness and continuous improvement.

Qualifications

• 15+ years of progressive experience in information security, risk management, and program/project delivery.
• Proven track record of leading enterprise-wide security initiatives in dynamic, fast-paced environments.
• Deep subject matter expertise in InfoSec frameworks, threat modeling, compliance standards, and risk assessment methodologies.
• Strong executive presence with excellent communication, stakeholder management, and influencing skills.
• Bachelor's degree in Computer Science, Information Security, or related field (Master's or relevant certifications like CISSP, CISM, CRISC preferred).
• Experience in high-stakes industries such as technology, finance, or manufacturing is highly desirable.

Preferred Skills

• Proficiency in security tools (e.g., SIEM, vulnerability management platforms) and agile program management methodologies.
• Ability to thrive in ambiguous settings with a strategic, visionary mindset.