7,372 Cism jobs in the United States

Newark, United States | Posted on 01/10/2025

We are seeking an experienced Information Security Manager to spearhead our efforts in safeguarding client data and maintaining a robust organizational threat posture. In this role, you will lead strategic initiatives to protect sensitive information, manage threat intelligence programs, and ensure compliance with relevant regulations. You will also collaborate closely with various internal teamstechnical and non-technical aliketo develop, implement, and continuously improve security best practices.

Key Responsibilities

Client Data Protection & Compliance

• Design and enforce policies, procedures, and technical safeguards that secure client information from unauthorized access, disclosure, or misuse.
  
• Stay current on data privacy regulations (e.g., GDPR, CCPA) and industry standards (e.g., ISO 27001, SOC 2), incorporating them into organizational processes.
  
• Oversee and maintain data classification protocols, ensuring appropriate access controls and encryption methods are applied.
  

Threat Intelligence & Vulnerability Management

• Establish a comprehensive threat intelligence program, monitoring emerging risks and industry trends that could impact clients or the organizations security posture.
  
• Conduct routine vulnerability assessments, penetration tests, and security audits, prioritizing remediation efforts based on criticality.
  
• Collaborate with cross-functional teams (e.g., DevOps, Network Engineering) to implement and validate fixes or security upgrades.
  

Incident Response & Crisis Management

• Develop and continuously refine the Incident Response Plan (IRP), outlining clear processes for detecting, containing, and remediating security breaches.
  
• Coordinate tabletop exercises and real-world simulations to test the IRP, training staff to respond effectively in high-stress scenarios.
  
• Serve as the primary point of contact during security incidents, liaising with external agencies (law enforcement, regulatory bodies) as necessary.
  

Security Architecture & Best Practices

• Work with solution architects and system administrators to integrate robust security controls into infrastructure, software, and cloud environments.
  
• Evaluate and recommend new security products, tools, and services that enhance the organizations threat detection and prevention capabilities.
  
• Enforce secure coding practices, hardening standards, and network segmentation protocols that align with evolving threats.
  

Governance, Risk & Compliance (GRC)

• Lead security risk assessments, identifying and documenting vulnerabilities, threats, and overall risk exposure to client data.
  
• Define and track security metrics (KPIs), reporting progress, gaps, and action plans to executive leadership.
  
• Oversee internal and external security audits, ensuring timely completion of any required corrective measures.
  
• Manage a team of security analysts, engineers, and incident responders, providing coaching, mentorship, and clear performance objectives.
  
• Foster a culture of security awareness and accountability throughout the organization, conducting regular training sessions for all staff.
  
• Coordinate with third-party vendors, managed security service providers, and consultants to strengthen the organizations security ecosystem.
  

Requirements

Education & Experience

• Bachelors degree in Computer Science, Cybersecurity, Information Systems, or related field (or equivalent experience).
  
• 5+ years of hands-on experience in information security, including roles in threat intelligence, GRC, and/or incident response.
  
• Experience working within heavily regulated industries (e.g., finance, healthcare, government) is highly desirable.
  

Technical Skills

• Proficiency with SIEM platforms (e.g., Splunk, QRadar), endpoint protection suites, and vulnerability management tools (e.g., Nessus, Qualys).
  
• In-depth knowledge of security frameworks (NIST CSF, ISO 27001, COBIT) and compliance standards (PCI-DSS, HIPAA, SOC 2).
  
• Hands-on expertise in cloud security (AWS, Azure, GCP) and containerization platforms (Kubernetes, Docker) is a plus.
  

Certifications

• Relevant certifications such as CISSP, CISM, CRISC, or GIAC (GSEC, GCIA, GCIH) strongly preferred.
  

Soft Skills

• Exceptional problem-solving and analytical abilities, with a keen eye for detail.
  
• Excellent communication and presentation skills for both technical and executive audiences.
  
• Proven track record of managing diverse teams and collaborating effectively across departments.
  

Personal Attributes

• Integrity : Upholds the highest ethical standards in protecting sensitive client data.
  
• Leadership : Inspires trust and confidence, fostering a culture of teamwork, accountability, and continual learning.
  
• Adaptability : Stays agile in a dynamic threat landscape, quickly pivoting security strategies as new risks emerge.
  
• Strategic Mindset : Balances day-to-day operational demands with long-term security vision and innovation.
  

What We Offer

• Competitive Compensation : Commensurate with experience, plus potential bonus structures.
  
• Comprehensive Benefits : Medical, dental, vision, and retirement plan options.
  
• Professional Growth : Training allowances, continuing education support, and clear career advancement paths.
  
• Impactful Work : Play a pivotal role in safeguarding clients data and reputations, contributing to the organizations broader mission of secure service delivery.
  

#J-18808-Ljbffr

Overview

Reporting to the Director of Information Technology, the Information Security Manager is responsible for implementing, maintaining, and advancing the Firms information security program. This role combines information security leadership with system engineering expertise and provides escalation support for the IT Help Desk team.

Responsibilities

• Security Governance & Compliance: Ensure compliance with industry standards and regulations through regular audits and reporting on Microsoft 365 security configurations. Facilitate Information Security Committee meetings, preparing memos and reports. Lead the Firm to obtain SOC 2 certification by developing and updating security policies, procedures, and standards, and driving their implementation.
• Microsoft 365 Security Management: Configure and manage security features across Microsoft 365, including Azure Active Directory, Microsoft Defender for Identity, and Microsoft Defender for Office 365. Implement and enforce identity and access management controls, including Multi-Factor Authentication (MFA) and conditional access policies.
• Threat Detection & Incident Response: Collaborate with security vendors (e.g., CrowdStrike) to optimize systems and enhance threat detection and response capabilities. Lead incident response efforts, conduct forensic analysis, and prepare post-incident reports to ensure continuous improvement.
• User Awareness & Training: Partner with the training team to develop and deliver security awareness programs, promoting best practices across the Microsoft 365 environment.
• Collaboration & IT Support: Work closely with internal IT staff and outsourced security teams to integrate Microsoft 365 and other security measures into the broader organizational security strategy. Act as a technical escalation point for the IT Help Desk team, providing after-hours support when required. Monitor system patching, backups, and continuity processes, ensuring optimal performance and reliability.
• Technology & Project Management: Plan, coordinate, and execute complex technology projects. Identify problem trends, recommend solutions, and research emerging technologies. Recommend and support hardware/software solutions, including HP servers, workstations, laptops, printers, and peripherals.

Requirements

• Law firm IT and security experience required.
• 10+ years of experience in a professional services or corporate environment.
• Proven ability to make sound decisions under high-pressure situations.
• Strong leadership, teamwork, analytical, and problem-solving skills.
• Excellent communication skills across all organizational levels.
• Highly organized with strong attention to detail; able to thrive in a fast-paced, evolving environment.
• Experience supporting multiple office locations remotely.
• Ability to plan, organize, and track tasks for self and team.
• Willingness to travel occasionally for business purposes.
• Ability to lift and carry up to 50 pounds when necessary.

Technical Requirements

• Bachelors degree in Information Technology, Computer Science, or related field, or equivalent experience.
• Proven expertise as a Microsoft 365 Security Specialist or similar role.
• In-depth knowledge of Microsoft 365 security features, tools, and administration.
• Experience with threat detection, incident response, and security compliance frameworks.
• Strong understanding of identity and access management principles.
• Relevant certifications such as Microsoft SC-900 or equivalent.
• Experience preparing policies and evidence for SOC 2 and ISO certifications.
• Hands-on experience with Microsoft Azure, VMware, Windows Server, CrowdStrike, and related security tools.
• Solid hardware knowledge, including support of HP servers, workstations, laptops, printers, and peripherals.

#J-18808-Ljbffr

Information Security Manager

At ValidaTek, we modernize and optimize IT services to solve some of the most critical challenges facing federal civilian and defense agencies. From customers to partners to top-talent employees, ValidaTek puts people first, empowering them to exceed expectations and transform government organizations. Our success starts and ends with our people, so we built a company where great people can do great things, with the resources and autonomy to make decisions that transform organizations. We operate as one team of diverse people, united by a passion for continuous growth and optimization. Our commitment to quality and performance optimization is the reason why our IT Service Projects and New Development Projects have been appraised at CMMI Maturity Level 5, positioning us as one of a handful of elite companies to receive the highest form of third-party validation.

We are seeking an experienced Information Security Manager to support a Defense Information Systems Agency (DISA) Cyber Program. The ideal candidate will oversee security operations, compliance, risk management, and cyber defense initiatives to protect DoD networks and information systems. This role requires strong leadership, technical expertise, and an understanding of DISA policies and cybersecurity frameworks. Primary place of performance will be Pensacola, FL where an on-site presence is required.

Responsibilities

• Lead and manage cybersecurity efforts for the DISA Cyber Program, ensuring compliance with DoD and DISA security requirements.
• Develop, implement, maintain, and ensure compliance with information security policies, standards, and procedures in accordance with NIST, RMF, and other relevant frameworks.
• Oversee risk management and vulnerability assessment processes to identify, assess, and mitigate security threats.
• Conduct security audits, assessments, and incident response activities to protect sensitive information.
• Coordinate with internal and external stakeholders, including government officials, contractors, and cybersecurity teams, to enhance security posture.
• Serve as the primary liaison between the organization and external security assessors or auditors.
• Oversee system risk management, vulnerability assessments, and mitigation strategies.
• Monitor emerging cyber threats and recommend proactive defense strategies.
• Provide leadership and mentorship to security personnel, fostering a culture of continuous improvement and security awareness.
• Manage security tools, technologies, and processes, ensuring alignment with mission requirements.
• Develop and deliver reports, briefings, and security recommendations to senior leadership.

Qualifications

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field.
• Minimum of 8+ years of experience in information security, with at least 3 years in a managerial role.
• Active DoD Secret clearance - required.
• ITIL certification - preferred.
• Strong knowledge of DoD cybersecurity policies, including DISA STIGs, RMF, NIST 800-53, and Zero Trust Architecture.
• Experience with security tools such as SIEMs, IDS/IPS, vulnerability scanners, and endpoint protection solutions.
• Experience with categorization and assignment of security controls and creation and maintenance of A&A packages in DISA's Enterprise Mission Assurance Support Service (eMass) system.
• Proven ability to manage cyber incidents, security assessments, and compliance efforts.

• Exceptional communication skills and the ability to engage with technical and non-technical stakeholders.
• Active CISSP, CISM, or equivalent DoD 8570 IAM Level III certification.

Preferred Qualifications:

• Experience working with DISA, DoD Cyber Operations, or similar environments.
• Familiarity with cloud security (AWS, Azure, DoD Cloud environments).
• Hands-on experience with automation and orchestration tools for security operations.
• Knowledge of Zero Trust and AI-driven cybersecurity solutions.

ValidaTek is an Equal Opportunity Employer. All qualified applicants will be considered without regard to disability, protected veteran status, or any other status protected by federal, state, or local laws. Applicants who are selected for employment will be required to verify authorization to work in the United States. Offers of employment will be contingent upon passing a post-offer background check.

General Purpose:

The Information Security Manager reports to the Chief Information Security Officer (CISO) and supports the implementation of security strategy that ensures Holland & Hart complies with applicable client, legal, and regulatory security requirements while safeguarding Holland & Hart's facilities and information systems. The Information Security Manager supports in the implementation of the strategy, operations and budget of the architecture, design, and implementation of IT projects to ensure availability, confidentiality, and data integrity. The Information Security Manager manages the threat landscape within Holland & Hart and designs and implements security measures tailored to address threats in a timely, efficient, and risk-managed method. The Information Security Manager is a formal contributor in enterprise-wide risk assessments and champion in security control implementation.

Essential Duties/Responsibilities:

• Drives the development and implementation of strategic, long-term information security strategy and roadmaps to ensure Holland & Hart's information assets are adequately protected.
• Critical decision maker on designated information security committees, including analyzing and managing firm risk and tracking remediation.
• Oversees incident response planning and the investigation of security breaches.
• Leads IT Security incident response. Collaborates with analysts performing incident response and remediation. Handles incident response communications within team.
• Works with employees across the firm to assess and communicate and make recommendations regarding acceptable levels of risk.
• Manages ISO 27001 certifications including evidence collection and presentation to certification bodies.
• Manages and responds to client audits and security reviews, negotiating best practices, mitigating controls, and implementing new security measures. Presents security evidence to clients to demonstrate compliance.
• Assists the CISO in maintaining the budget and operational focus of the team.
• Provides subject matter expertise on security standards and best practices.
• Oversees the implementation of Access Control solutions.
• Manages individuals within Access Control team.
• Develops and mentors information security and technology professionals.
• Develops and recommends regulatory changes on information security policies, procedures, standards and guidelines, and oversees their approval, dissemination, and maintenance.
• Ensures that the security management program is compliant with applicable laws, regulations, and contractual requirements.
• Oversees and may provide hands on support for the evaluation, selection and implementation of information security solutions that are innovative, cost-effective, and minimally disruptive.
• Partners with software developers, infrastructure, and applications teams to ensure that technologies are developed and maintained according to security policies and guidelines.
• Monitors the industry and external environment for emerging threats and advise relevant stakeholders on appropriate courses of action.
• Liaise with law enforcement and other advisory bodies to ensure that the organization maintains a strong security posture.
• Leads one or more phases of large-complexity projects.

Competencies:

• Strategic Thinking: Plans and makes decisions within the framework of the firm's strategic intent.
• Team Management & Results Orientation: Creates and maintains high functioning team(s).
• Communication: Understands the importance of and demonstrates verbal, written, and non-verbal communications.
• Customer/Client Experience: Creates a consistent and exceptional experience for others, whether directly to external clients/customers or indirectly through internal support, that elevates the overall perception of the firm.

Supervisory Duties (if applicable):

• Develop and nurture a working environment that prioritizes inclusivity and a client-centric approach. Recognize and reward strong performance, teamwork, professionalism, and responsiveness. Instill confidence within the team and among the firm's professionals by celebrating hard work and success. Set clear and achievable expectations for future success.
• Effectively organize and oversee the scheduling, workload distribution, and productivity of the team to ensure efficient operations.
• In collaboration with the department head and in accordance with company policy, make informed hiring and selection decisions to build a high-performing team.
• Deliver timely and constructive performance feedback. Complete performance evaluations that help team members grow and improve.
• Actively coach, develop, and train team members to ensure they meet and exceed departmental expectations and perform their duties effectively.
• Review and approve timecards and vacation requests for direct reports, ensuring compliance with organizational policies and procedures.
• Efficiently manage daily responsibilities in alignment with departmental goals and objectives.
• With the assistance of HR and the department head, manage employee discipline and, when necessary, termination in accordance with company policy and legal guidelines.

Job Qualifications (Education, Experience and Certification):

• Bachelor's degree with technology is preferred, or applicable years of direct experience.
• Minimum 10 years of IT experience with a focus on IT Security.
• 2 years of management experience is preferred.
• At least one relevant industry certifications such as GCIH, GCED, CISSP, CISA, CISM, etc.
• Possesses an excellent knowledge and background in IT operations, security technologies and regulations.
• Must be collaborative, creative, and driven with a proven ability to be a team player
• Able to think strategically, develop solutions quickly and implement efficiently.
• Possesses business acumen and understands budgets, business-planning and balancing security and business risk.
• Skilled in conducting security reviews, audits, and analyses.
• Excellent verbal, written, and overall communication skills and ability to communicate effectively at all firm levels.
• Leadership and organizational abilities.
• Detailed oriented to ensure that the success of implementations is paramount.
• Strong analytical skills.
• Self-starter with the ability to multi-task and work in a very fast paced environment.
• Results oriented and with a strong client focus.

Physical Requirements:

While performing the duties of this position, the employee must have the ability to sit, stand and/or walk for extended periods of time; manipulate (lift, carry, move) weights of at least ten (10) pounds; have repetitive wrist/hand/finger movement to work on a computer and/or related office equipment; speak clearly and concisely so listeners can understand; and regularly understand the speech of another person.

The physical demands described here are representative of those that must be met by this position to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Work Environment:

Professional office atmosphere. Sedentary work that primarily involves sitting or standing for prolonged periods. Position may require occasional off-hour meetings and events.

The work environment characteristics described here are representative of those this position may encounter while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Note: This job description is intended to convey information essential to understanding the scope of the job and the general nature and level of work performed by job holders within this job. However, this job description is not intended to be an exhaustive list of qualifications, skills, efforts, duties, responsibilities or working conditions associated with the position.

Holland & Hart offers of employment take into consideration a candidate's education, training, and experience, as well as the position's work location, external market and internal value, including seniority and merit systems, and internal pay alignment when determining the salary level for potential new employees. A discretionary bonus may be available based upon performance. The Colorado salary range is $125,317 to $208,862 annually. A discretionary bonus may be available based upon performance.

The application window is anticipated to close on or after Friday, October 10th.

Holland & Hart works hard to promote work/life balance with a 37.5 -hour scheduled work week for most staff employees, a robust wellness program, and generous PTO and holiday pay for eligible employees. Full-time employees become eligible for benefits on the date hire, with a benefits offering that includes medical, dental, vision, life, AD&D, EAP, STD, and LTD. Also available are voluntary income protection benefits such as supplemental life, accident, critical illness, and long-term care insurances, as well as a 401(k)-retirement plan with a company match. In addition, the firm has programs that may provide for educational assistance, free or discounted legal services, and opportunities through the Holland & Hart Foundation, which is a non-profit organization dedicated to creating volunteer opportunities for lawyers, staff, families, and friends of Holland & Hart LLP. Part-time employees may have access to some of these benefits, which may be on a pro-rated basis.

Equal Opportunity Employer
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.

Job DescriptionJob Description

About Us

T1 Energy is accelerating America's clean energy transition by building an integrated U.S. supply chain for solar and battery solutions. Following a transformative acquisition in December 2024, T1 Energy is now a leader in solar manufacturing, with an ambitious strategy encompassing both solar and battery storage. Our innovation-driven approach sets the industry benchmark in R&D, manufacturing, and scalable deployment of PV cells and modules. Trusted by top global developers and contractors, we deliver the most advanced, reliable technologies in the market.

At T1 Energy, we go beyond solar, providing comprehensive smart energy solutions that power the future. As we expand our capabilities and enter new markets, we’re looking for bold, driven professionals who share our passion for sustainability and technological excellence.

The Opportunity: Information Security Manager

We’re hiring a skilled and hands-on Information Security Manager to join our growing IT team. As a key member of the team, you will help design new security systems, improve existing ones, manage the organization's cybersecurity program across both IT and OT environments, implement technical controls, and coordinate with teammates in multiple locations to protect critical assets. This role is hands-on and requires expertise in advanced security technologies, including EDR/MDR/XDR platforms, and will initially work onsite while ramping up security protocols for the organization

This is a high-impact role requiring strong technical expertise, leadership, and cross-functional collaboration. The position will be full-time onsite initially, with the potential to transition to a hybrid or remote schedule after successful onboarding.

Key Responsibilities

• Lead the design and execution of our information security strategy across IT and OT environments.

• Deploy and manage industrial security systems at U.S. manufacturing facilities to protect cyber-physical infrastructure.

• Oversee advanced security platforms (EDR/MDR/XDR), ensuring correct configuration, monitoring, and continuous improvement.

• Drive data security initiatives, including encryption, DLP, and classification programs, aligned with U.S. compliance standards.

• Manage incident response and threat detection, including vulnerability remediation and security event management.

• Conduct regular risk assessments, audits, and policy compliance reviews, ensuring alignment with internal and regulatory standards.

• Collaborate with physical security teams to develop a unified approach to asset protection.

• Develop and deliver security training and awareness initiatives to foster a strong security culture across the organization.

What We’re Looking For

• Bachelor’s degree in Cybersecurity, Computer Science, or a related field.

• 5–8 years of information security experience, including at least 2 years in a leadership or management role.

• Proficiency with security technology solutions, including EDR/MDR/XDR, firewalls, IDS/IPS, intrusion detection systems, and endpoint security platforms.

• Hands-on experience securing OT/ICS environments in industrial or manufacturing settings.

• Deep understanding of data protection methods, including encryption and DLP strategies.

• Strong background in incident response, threat mitigation, and vulnerability management.

• Familiarity with U.S. cybersecurity regulations (e.g., NIST, CISA, CMMC) and industry best practices.

• Holds at least one of the following certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC).

• Excellent project management and cross-functional collaboration skills.

• Strong communication skills with the ability to translate technical concepts for non-technical stakeholders.

T1 Energy provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to , , , , , , , or genetics.

Information Security Manager

COMPANY INFORMATION

Precise Software Solutions, Inc. is a fast growing and highly respected small business committed to providing high quality Information Technology (IT) consulting services to government and commercial organizations. Precise focuses on agility and practicality and is committed to meeting highest client expectations and delivering value to our clients.

This position is contingent upon contract award.

DUTIES AND RESPONSIBILITIES

The Information Security Manager manages security for the program, serving as an expert and authority for the program's information security. Duties include:

• Monitoring security tasks and keep the Program Manager abreast of all problems and accomplishments
• Anticipating security problems and risks and works to mitigate the anticipated problems
• Complete security related tasks within estimated time frames and budget constraints through scheduling and assigning duties to team members as appropriate

REQUIRED SKILLS

• Fifteen years of information security manager experience including experience complying with FISMA requirements and related guidelines such as NIST SP 800-53 for a federal program
• Experienced with interpreting and implementing Government computer security standards
• Experienced in leading efforts to resolve Plans of Action and Milestones (POA&Ms)
• Working knowledge of cloud-based security technology and practices including FedRAMP-approved products
• Experience with cloud-based security technology, Nessus, Tenable, Trend Micro, AWS Security Tools Security Hub / Guard Duty, Snyk.io
• Must be USC/GC/EAD with ability to obtain a public trust clearance.

EDUCATION

• Undergraduate degree from an accredited college or university in information security, computer science, or other discipline related to the requirements of this project.
• Certified Information Systems Security Professional (CISSP) or equivalent.
• Certified Cloud Security Professional or equivalent.

ABOUT US

Precise Software Solutions, Inc., an SBA 8(a) program participant, is an innovative small business with a proven record of success delivering quality services and solutions to government organizations. A CMMI Level 3 company, Precise serves as a trusted advisor to senior technology executives and helps government agencies enhance and expand their information technology capabilities. Precise helps their customers capitalize on the efficiencies offered by technological advancements and ensures the integrity of their IT systems and programs so they can perform their public mission more effectively. The company is known for delivering agile and innovative solutions and specializes in strategic consulting, system modernization and integration, digital transformation and experience, infrastructure and cloud implementation, and data management and analytics.

BENEFITS AND PERKS:

• Comprehensive Health Benefits (Medical, Dental and Vision) including High Deductible Health plan where company pays 100% of the deductible for your family.
• Flexible Spending Accounts (FSA) & Health Savings Account (HSA)
• Retirement Plan with 4% match and discretionary match at year end
• Paid Time Off (PTO): 15 days of PTO accrued per year; 7 holidays+ 3 Floating holidays; 2 Innovation days (paid training days)
• Short Term and Long-Term Disability
• Paid Parental Leave
• Paid Jury Duty leave
• Life and AD&D Insurance
• Critical Illness Insurance
• Training and Development
• Wellness Incentives & Discount programs
• Employee Referral Program
• Annual Charity Donation Match
• Awards and Recognition

Our Equal Employment Opportunity Policy

Precise is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin, age, disability, military/veteran status, marital status, genetic information or any other factor protected by law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits and all other privileges, terms and conditions of employment. The company is dedicated to seeking all qualified applicants.

ATI builds and manages collaborations that conducts research and development of new technologies to solve our nation's most pressing challenges. Our collaborations are custom-built teams of organizations from industry and academia that develop novel technologies for the federal government. Traditionally, these processes are complicated and burdensome. That's where ATI comes in. We simplify and streamline processes to make it all work. When you work at ATI, you become a part of something larger than yourself. Our collective work - no matter what department or division you work in - ultimately enables the warfighter, saves lives, and diversifies the industrial base. At our core, ATI is a service organization. We are in service to others; it's what we do, and it's who we are.

Apply at ATI.ORG; we only accept applications submitted through our applicant tracking system.

This position offers a hybrid schedule (in-office & remote/work from home) or an onsite schedule and flexible hours. Candidates will need to reside near Charleston, SC to ensure work site flexibility.

Position Description:
The Information Security Manager will assist with the overall direction of enterprise-wide security functions associated with Information Technology and protect information assets from intentional or inadvertent access, modification, destruction and/or disclosure. The ideal candidate will possess a deep understanding of cybersecurity principles and practices, and will be responsible for designing, implementing, and maintaining robust security solutions to protect our company's critical assets. You will lead initiatives to strengthen our security posture, respond to incidents, and collaborate with cross-functional teams to ensure the integrity, confidentiality, and availability of our systems and data.

Essential Functions:

Security Design & Implementation: Develop and implement comprehensive security architectures and solutions to address organizational needs and mitigate risks.

Incident Response: Respond to security incidents, including investigation, containment, eradication, and recovery. Conduct post-incident reviews and recommend improvements.

Vulnerability Management: Identify and assess vulnerabilities through regular security assessments, penetration testing, and threat intelligence. Develop and implement strategies to address and remediate identified vulnerabilities.

Threat Analysis: Monitor and analyze emerging threats and vulnerabilities. Stay up-to-date with the latest cybersecurity trends and technologies to proactively address potential risks.

Policy & Compliance: Develop, review, and enforce security policies, procedures, and standards to ensure compliance with regulatory requirements such as the Cybersecurity Maturity Model Certification (CMMC), industry best practices and common cybersecurity frameworks such as the NIST Cybersecurity Framework 2.0.

Collaboration: Work closely with IT teams and other stakeholders to integrate security and promote good security practices throughout the company.

Security Tools & Technologies: Evaluate, deploy, and manage security tools and technologies to enhance the organization's security posture. Provide guidance on the selection and use of security solutions.

Training & Awareness: Conduct security training and awareness programs for staff to promote a culture of security and ensure adherence to security policies and practices.

Documentation: Maintain comprehensive documentation of security systems, procedures, and incident reports. Develop and update security documentation as needed.

Assists in the creation and management of the IT Security Roadmap to address the needs of the business today and into the future.

Ensures IT Security system operation adheres to applicable laws and regulations.

Maintains good relationships between internal IT resources, departments and external entities.

Keeps current with trends and issues in the IT Security industry, including current technologies and prices. Advises and educates IT Leadership on all IT Security related items

Acts as department lead if the Sr. Information Security Manager is unavailable

Additional Responsibilities:

• Other duties as assigned.

Qualifications:

• Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Advanced degree or relevant certifications (e.g., CISSP, CISM, CEH) preferred.
• Experience: Minimum of 6-10 years of experience in cybersecurity with a proven track record in a senior or lead role.
• Technical Skills: Strong knowledge of network and system security, including firewalls, intrusion detection/prevention systems, VPNs, and encryption technologies. Proficiency with security tools such as SIEM, IDS/IPS, and vulnerability scanners.
• Analytical Skills: Excellent problem-solving, analytical and troubleshooting skills, with the ability to assess complex security issues and develop effective solutions.
• Communication Skills: Strong verbal and written communication skills, with the ability to articulate security concepts and issues to both technical and non-technical stakeholders.
• Certifications: CISSP or equivalent Cyber Security certification.
• Personal Traits: Detail-oriented, proactive, and able to work independently as well as part of a team. Strong organizational skills and the ability to manage multiple priorities effectively.
• U.S. Citizenship required, must be able to possess and maintain a DOD security clearance.
• This position is subject to a background check that includes a review of criminal records. In reviewing an applicant's criminal history, the company will consider prior criminal convictions that have a relationship to the job duties and responsibilities of the position. The company considers the nature of the crime, the time that has elapsed since the crime and the job duties for the position at issue in making an individualized determination. Individuals may be excluded when the company determines, based on the above factors, that hiring, transferring or promoting the applicant would pose an unreasonable risk to the business, its employees or its customers and vendors.
• If you are a qualified candidate, we encourage you to apply even if you have a prior criminal conviction(s). Convictions will not automatically disqualify the candidate, However, conviction(s) will be considered and balanced against the age of the candidate at the time of the offense, time elapsed since the offense, type of offense, potential impacts of such on the work environment, sensitivity of the position(s) available/sought, and similar independent factors relevant to the employment requirements at ATI.

Physical Requirements

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Regular physical activity to include walking, bending, stooping, reaching, standing and prolonged sitting.

Ability to use phone and computer systems, copier, fax, and other office equipment.

Must be able to occasionally move/lift up to 25 pounds with or without reasonable accommodation.

Work Environment

This position is located in an air-conditioned, environmentally controlled atmosphere.

Noise level in the work environment is usually moderate.

ATI is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, Individuals with Disabilities and all other protected classes.

Apply at ATI.ORG; we only accept applications submitted through our applicant tracking system.If you require accommodations to complete this application, please contact Human Resources at or email

Anticipated starting salary is in range commensurate with education and experience:
$120,000
















ATI has been named "Best Places to Work in SC" from .

This is a full-time opportunity with benefits

ATI provides Medical, Dental and Vision Plan options

Flexible Spending Accounts, including health and dependent care accounts

403B Retirement Savings plan with a very competitive company contribution

Personal time-off (pre-loaded & accrued) plus 12 paid holiday-days

Life Insurance paid by ATI

Paid Parental Leave

Short-Term & Long-Term Disability Coverage paid by ATI

Employee Assistance Program

Tuition Reimbursement Program

Flexible work schedules

ATI's standard business hours are Monday-Friday, between 8 AM - 5 PM.

Are you a Cybersecurity compliance expert ready to take the lead in a dynamic, high-impact role? Join a globally recognized firm where you'll play a key role in shaping and strengthening our cybersecurity strategy. This is your chance to make a difference in a fast-paced, professional environment that values innovation, collaboration, and technical excellence.

Why You'll Love This Role:

• Drive Security Initiatives - Lead firmwide cybersecurity programs, ensuring compliance with ISO 27001 and other industry standards.
• Be a Decision-Maker - Approve security risks, implement best practices, and enhance policies to safeguard critical systems.
• Third-Party & Risk Management - Oversee vendor risk assessments, vulnerability management, and client security audits.
• Lead & Mentor - Supervise a Compliance Analyst and provide strategic guidance across teams.
• Innovate & Protect - Collaborate with IT leadership to integrate cutting-edge security solutions into firm operations.

What You Bring to the Table:

• 5+ years of cybersecurity experience in a complex IT environment.
• Strong knowledge of security frameworks (ISO 27001, NIST, etc.).
• Hands-on experience with security tools, compliance audits, and risk assessments.
• Leadership experience with a passion for mentoring and developing security professionals.
• Bachelor's degree in Cyber Security, Computer Science, or a related field. Security certifications (CISSP, CRISC, etc.) strongly preferred.

Offer includes:

• Competitive salary: $145,000 - $170,000
• Hybrid work environment
• Excellent benefits package
• A culture of excellence, diversity, and professional growth

Ready to step into a leadership role where your expertise will make a real impact? Apply today and be a key player in securing the future of a top international firm.

Apply to this post or email your resume directly to Dan Gilliam, email:

Tags: Cybersecurity, IT, ISO, Compliance, Security Manager

SG2 Recruiting is seeking an information security manager to support IC client in the Washington DC Metro area. The information security manager (ISM) will apply their proactive approach to safeguarding organizational data and systems. Key responsibilities will include leading incident response, implementing security measures, managing system vulnerabilities, and ensuring compliance through evaluation and accreditation processes. The ISM will also develop security policies, provide training, and oversee the maintenance of security infrastructure, all while analyzing threat intelligence to mitigate risks and maintain a robust security posture.

What You Will Be Doing:

• Recommending, scheduling, and implementing IA-related repairs.
• Coordinating and supporting all applications and operations.
• Leading teams and supporting actions to quickly resolve or mitigate IA problems for the IS environment.
• Supporting the installation of new or modified hardware, operating systems, and software applications, ensuring integration with security requirements.
• Identifying and determining whether a security incident indicates a violation of law requiring specific legal action.
• Directing and implementing operational structures and processes to ensure an effective security program, including boundary defense, incident detection and response, and key management.
• Providing direction and supporting system developers regarding the correction of security problems identified during testing.
• Evaluating functional operations and performance in light of test results and recommending actions regarding Certification and Accreditation (C&A).
• Examining IS vulnerabilities and determining actions to mitigate them.
• Monitoring and evaluating the effectiveness of IS security procedures and safeguards.
• Analyzing security incidents and patterns to determining remedial actions to correct vulnerabilities.
• Supporting the development and implementing of the IS termination plan to ensure that security incidents are avoided during shutdown and long-term protection of archived resources is achieved.
• Implementing vulnerability countermeasures.
• Providing support for IA customer service performance requirements.
• Providing support for the development of IA-related customer support policies, procedures, and standards.
• Writing and maintaining scripts required to ensure security.
• Implementing and maintaining perimeter defense systems, including, but not limited to, intrusion detection systems, firewalls, and grid sensors.
• Scheduling and performing regular and special backups.
• Establishing logging procedures, such as important IS events, services and proxies, and log archiving facilities.
• Providing training for IAT Level I and II personnel.
• Analyzing IAVAs, ICVAs, and IAVBs for impact and taking or recommending appropriate action.

What You Will Need:

• Active TS/SCI with a CI polygraph
• Ability to commute to Alexandria, VA office five (5) days per week
• Doctorate degree in a STEM-related technical field with 8 years of relevant experience
• Or master's degree with 10 years of related experience
• Or bachelor's degree with 12 years of experience,
• OR associate's degree with 14 years of experience
• OR high school diploma with 16 years of experience
• One or more of the following certifications: GIAC Security Expert (GSE) Certified Information Systems Auditor (CISA), GIAC Certified Incident Handler Certification (GCIH), or Certified Information Systems Security Professional (CISSP) required

About Client:

Client does not discriminate based on race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity, or any other reason prohibited by law in providing employment opportunities and benefits.