Jobs · Information Technology · Georgia

Sr Mgr, Information Security

HD Supply · Atlanta, GA · 6 mo ago
Information TechnologyFull-time

Key Responsibilities

  • Perform and lead information security risk assessments across applications, infrastructure, cloud environments, and business processes.
  • Maintain risk registers, document findings, assign remediation actions, and track closure.
  • Conduct threat modeling and control gap analyses in collaboration with engineering and security teams.
  • Perform and review third-party/vendor security risk assessments and questionnaires.
  • Directly manage compliance efforts for frameworks and regulations such as ISO 27001, SOC 2, PCI DSS, SOX, GDPR, or HIPAA (as applicable).
  • Prepare audit evidence, coordinate walkthroughs, and respond to auditor and regulator requests.
  • Execute control testing and validate control design and operating effectiveness.
  • Track remediation plans and validate corrective actions.
  • Draft, update, and maintain information security policies, standards, and procedures.
  • Map technical and administrative controls to compliance requirements and business risks.
  • Work hands-on with system owners to design and implement security controls.
  • Administer and optimize GRC tools (e.g., Varonis, Lighbeam, Tenable, Auditboard etc).
  • Build risk dashboards, compliance metrics, and executive-level reporting.
  • Automate evidence collection and control monitoring where possible.
  • Work closely with IT, Cloud, DevOps, Security Operations, Legal, Privacy, and Internal Audit teams.
  • Provide actionable security guidance during system design, cloud migrations, and vendor onboarding.
  • Act as a subject matter expert for security risk and compliance inquiries.
  • Lead by example with direct execution while mentoring junior risk and compliance staff.
  • Review work products, provide hands-on coaching, and ensure quality and consistency.
  • Support hiring and onboarding of risk and compliance team members as needed.

Required Qualifications

  • Bachelor’s degree in Information Security, Computer Science, or related field.
  • 8–12+ years of experience in information security, risk, compliance, or IT audit roles.
  • Strong hands-on experience with risk assessments, audits, and control testing.
  • Practical working knowledge of NIST CSF, ISO 27001/27002, SOC 2, and cloud security controls.
  • Ability to independently manage multiple assessments and audits end-to-end.

Key Skills & Competencies

  • Deep technical understanding of security controls and risk mitigation.
  • Strong documentation and evidence management skills.
  • Ability to translate compliance requirements into technical actions.
  • Comfortable working in fast-paced, hands-on environments.
  • Strong problem-solving and attention to detail.

Similar jobs

Mgr Information Security

INTEGRIS HealthOklahoma, United States· 1 wk ago
Information Technologyapply on ertr.fa.us2.oraclecloud.com