Manager of Security
Operational Leadership
The Security Manager manages day-to-day security operations, ensuring policies and strategies set by senior leadership are implemented effectively across teams and systems.
Risk Management
The Security Manager identifies, assesses, and tracks cyber risks; recommends and implements mitigations through technology, process, and policy changes.
Policy Implementation
The Security Manager maintains and enforces information security policies, standards, and procedures; recommends updates based on operational realities.
Security Operations
- Manage security monitoring, incident response, vulnerability management, and threat intelligence functions, including coordinating with SOC/MSSP resources as applicable.
- Own the security review, deployment, and ongoing monitoring of AI tools used across the organization.
- Manage platforms such as Harmonic (for AI/data risk visibility and shadow AI detection) and Weave (for AI-related threat and behavior monitoring).
- Develop and maintain guidelines for safe employee use of generative AI and third-party AI tools.
- Evaluate new AI tools/vendors for security and data-handling risk before adoption.
Governance, Risk, and Compliance (GRC) Support
The Security Manager supports compliance with relevant laws, regulations, and frameworks (e.g., GDPR, HIPAA, PCI DSS, NIST); coordinates evidence gathering and remediation for internal and external audits.
Team Leadership
The Security Manager leads, mentors, and develops a team of security analysts/engineers; manages workload, performance, and skill development.
Incident Response
The Security Manager leads execution of incident response plans for day-to-day and moderate-severity incidents; escalates and supports leadership during major incidents.
Stakeholder Communication
The Security Manager communicates security status, risks, and AI tooling findings clearly to IT leadership and relevant business stakeholders.
Technology Management
- Manage and optimize the organization's security tool stack (SIEM, EDR/endpoint protection, IAM, vulnerability scanners, and AI monitoring platforms like Harmonic and Weave).
- Manage and optimize vendor relationships for security tools.
Vendor and Third-Party Risk
The Security Manager conducts security assessments of third-party vendors, partners, and AI tool providers; tracks remediation of identified issues.
Budget Support
The Security Manager assists in developing and managing the security budget for tools, staffing, and training within the team's scope.
Awareness and Training
The Security Manager runs organization-wide security awareness programs, including training on safe and compliant use of AI tools.
Continuous Improvement
The Security Manager stays current on cyber threats, AI-specific risks (e.g., prompt injection, data leakage via AI tools, shadow AI usage), and industry best practices; recommends program improvements.
Qualifications
- Bachelor's degree in Computer Science, Information Technology, Cyber Security, or a related field required.
- Professional Certifications: CISSP, CISM, Security+, GIAC, or other relevant certifications preferred.
- Minimum 5–7 years of progressive experience in cybersecurity or information security, including at least 2 years in a team lead or management capacity.
- Solid working knowledge of security technologies (firewalls, SIEM, IAM, endpoint protection), cloud security, and threat intelligence.
- Familiarity with AI security/monitoring tools (e.g., Harmonic, Weave, or similar platforms) strongly preferred.
- Understanding of risks associated with generative AI and AI tool adoption (data leakage, shadow AI, model misuse) and how to mitigate them operationally.
- Experience executing risk assessments and mitigation plans at the team/operational level.
- Working knowledge of relevant regulatory frameworks and industry standards.
- Strong verbal and written communication skills; able to translate technical issues for non-technical stakeholders.
- Ability to manage multiple initiatives and priorities in a fast-paced environment.
- Demonstrated experience managing, mentoring, and developing a security team.
- Resourceful, hands-on approach to resolving security issues.
- Comfortable working in a dynamic environment with evolving tools and threats.
- Commitment to high standards of integrity, confidentiality, and professional conduct.