- Company Name
- Lightcast
- Job Title
- Sr. Manager - Info Security - 1007
- Job Description
**Job Title**
Sr. Manager – Information Security
**Role Summary**
Lead the organization’s cybersecurity strategy, governance, and day‑to‑day security operations. Design, implement, and maintain policies and frameworks that ensure compliance with legal and regulatory requirements. Manage risk assessments, vulnerability management, and incident response while embedding security best practices across IT, engineering, DevOps, and product teams. Report security posture and risks to executive leadership.
**Expectations**
- Maintain up‑to‑date compliance with SOC 2, ISO 27001, GDPR, NIST, CIS, and other applicable frameworks.
- Demonstrate measurable improvement in risk posture and incident response maturity through metrics and reporting.
- Provide leadership and mentorship to security engineering and analyst teams.
- Collaborate with cross‑functional stakeholders to integrate security into development and operations lifecycles.
**Key Responsibilities**
- Develop and execute the information security strategy, policies, and governance framework aligned with business objectives.
- Conduct enterprise risk assessments, manage vulnerabilities, and mitigate security risks.
- Oversee daily security operations: threat monitoring, vulnerability remediation, detection, and incident response.
- Secure cloud environments, networks, applications, and infrastructure using firewalls, encryption, and identity controls.
- Partner with IT, engineering, DevOps, product, and legal to incorporate security into systems and processes.
- Lead security audits, assessments, and remediation activities.
- Mentor and manage security engineers and analysts; promote security awareness.
- Report security posture, risks, and improvement plans to executive leadership.
**Required Skills**
- Strong knowledge of NIST, ISO 27001, CIS, and related security frameworks.
- Proven experience in cloud security (AWS, Azure, GCP).
- Expertise in vulnerability management, threat monitoring, detection, and incident response.
- Leadership and team‑management capabilities.
- Excellent communication and stakeholder‑management skills.
- Ability to translate complex security concepts into business‑friendly language.
**Required Education & Certifications**
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (Master’s preferred).
- 5‑8+ years of cybersecurity or information security experience; 3‑5+ years in leadership or management roles.
- Certifications: CISSP, CISM, CCSP, GIAC, or equivalent (preferred).