Information Security Manager

Job Description

We are looking for an experienced Information Security Manager to take ownership of the security strategy and implementation for the organization. This hands-on role requires an individual with expertise and attention to detail, along with a deep understanding of security frameworks, who can lead initiatives to strengthen our security posture in a cloud-first environment. Based in Boston, Massachusetts, this hybrid position offers an exciting opportunity to make a significant impact in a dynamic, collaborative setting.

Responsibilities:

• Conduct comprehensive gap analyses of current security tools and practices, identifying areas for improvement.

• Develop and implement security strategies to enhance overall organizational protection against threats and vulnerabilities.

• Manage and execute hands-on security implementations, including configuration of firewalls, IDS/IPS, and access control systems.

• Perform vulnerability assessments and audits to ensure compliance with security standards and frameworks.

• Collaborate with leadership to align security initiatives with business objectives and regulatory requirements.

• Oversee security operations in a multi-tenant cloud environment, leveraging virtualized servers as necessary.

• Maintain and optimize security information and event management (SIEM) tools to monitor and respond to incidents.

• Ensure adherence to industry standards such as NIST 800-53 and other relevant frameworks.

• Provide expert guidance on authentication protocols, network security, and infrastructure protection.

• Work closely with IT and risk management teams to address emerging security challenges proactively.• Minimum of 10 years of experience in IT security or cybersecurity roles.

• Proven expertise in hands-on implementation of security tools and strategies.

• Strong knowledge of cloud-first security approaches and virtualized server environments.

• Familiarity with security frameworks such as NIST 800-53 and related standards.

• Proficiency in technologies including firewalls, IDS/IPS, SIEM systems, and access control.

• Experience conducting vulnerability assessments and audits.

• Ability to align security strategies with organizational goals and compliance requirements.

• Excellent problem-solving skills and capability to work independently in a fast-paced environment.

Full-time

Hybrid remote