Information Security Program Manager

Key Responsibilities

• Design, implement, and continuously improve the firm's information security program in alignment with strategic objectives and confidentiality requirements.

• Create and enforce security policies, procedures, and standards to protect the firm's technology assets.

• Monitor and measure the effectiveness of security initiatives, providing actionable insights and updates to senior leadership.

• Identify, assess, and mitigate cybersecurity risks, including conducting vulnerability assessments and penetration tests.

• Lead incident response activities, including investigation, remediation, and reporting.

• Serve as a mentor and technical resource to the security team, fostering professional growth and best practices.

Qualifications

• 10 + years of IT and information security experience, including a minimum of 4 years in a leadership role.

• Strong knowledge of security frameworks and standards such as NIST, ISO 27001, and HIPAA.

• Relevant certifications (CISSP, CISM, CISA, GIAC, CompTIA Security+, GISO) are a plus.

• Proven ability to manage security programs, guide technical teams, and advise leadership on complex security challenges.