This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
Manager of Information Security
$122,800 - $140,000/Yr
Flexential - Aurora, CO
posted 2 months ago
Full-time - Manager
Aurora, CO
Computing Infrastructure Providers, Data Processing, Web Hosting, and Related Services
About the position
The Manager of Information Security at Flexential leads a team responsible for the Security By Design program, focusing on designing and implementing secure information security architectures and applications. This role involves cross-functional collaboration to integrate security measures throughout the product lifecycle, conduct threat modeling, and enforce best practices in information security.
Responsibilities
- Own and mature the Security by Design program to ensure secure product and system design.
- Lead the identification of security risks and creation of security architecture requirements.
- Implement and mature security best practices into the Secure Software Development Lifecycle (SSDLC).
- Establish operational foundations and define metrics and KPIs for governance and efficiency.
- Influence and improve existing processes through innovation and operational change.
- Maintain awareness of security regulatory trends and frameworks such as PCI-DSS and ISO 27001.
- Develop and maintain security procedures and standards for executive approval.
- Create baseline security configuration standards for various systems.
- Anticipate new security threats and stay updated on evolving security controls.
- Oversee validation and review of security implementations from DevOps to production.
- Ensure alignment of security architecture strategy with the Information Security program.
- Collaborate with other teams to enhance processes and build relationships.
Requirements
- 5 years of experience in IT security and compliance, preferably in IT or service provider environments.
- Full stack knowledge of IT Infrastructure including applications, databases, operating systems, and networking.
- Strong familiarity with information security and compliance engineering practices.
- Proficiency with security configurations and standards across the OSI model.
- Advanced knowledge of public cloud security (GCP, Azure, AWS).
- Experience with MDM, IAM, encryption, and cryptography.
- Ability to assimilate new technologies and design frameworks quickly.
- Experience presenting security concepts to customers and executives.
- Ability to influence and mature business areas within information security.
- Experience mentoring and promoting a culture of security.
Nice-to-haves
- Security certifications such as CISSP, CSSLP, OSCP, GDSA.
- Experience with Kubernetes and micro-services architecture.
- Knowledge of compliance standards like PCI-DSS, HITRUST, NIST, ISO, ITIL, and SOC1/2.
- Experience with secure CI/CD pipeline design and automation.
- Experience with Information Security program assessment and maturity modeling.
Benefits
- 401(k)
- AD&D insurance
- Dental insurance
- Disability insurance
- Employee assistance program
- Flexible spending account
- Health insurance
- Medical, Telehealth, Dental and Vision
- Health Savings Accounts (HSA)
- Life and AD&D
- Short Term and Long-Term disability
- Flex Time Off (PTO)
- Leave of Absence
- Wellness Program
- Rewards and Recognition Program
