Information Systems Security Manager

Looking to hire your next Information Systems Security Manager? Here’s a full job description template to use as a guide.

About Vintti

Vintti is a strategic staffing agency that enhances the competitiveness of US businesses. By connecting SMBs, startups, and firms with highly skilled Latin American professionals, we offer a cost-effective solution to talent acquisition. Our model allows companies to access top-tier expertise at rates that significantly reduce overhead costs, enabling businesses to allocate resources more efficiently and boost their bottom line.

Description

An Information Systems Security Manager is responsible for overseeing the protection of an organization's information systems and data against potential cyber threats. This role involves developing and implementing security policies, conducting risk assessments, and ensuring compliance with relevant regulations. The manager coordinates with various departments to establish and maintain security protocols, responds to security breaches, and provides strategic guidance on cybersecurity best practices. Additionally, this role requires staying up to date with the latest security trends and technologies to proactively address emerging threats.

Requirements

- Bachelor's degree in Information Security, Computer Science, or related field
- Certification in CISSP, CISM, CISA, or equivalent
- 5+ years of experience in information security management or related roles
- Strong knowledge of cybersecurity frameworks and standards (e.g., NIST, ISO 27001)
- Expertise in risk assessment, threat modeling, and vulnerability management
- Proficiency in security tools such as SIEM, IDS/IPS, firewalls, and anti-malware solutions
- Experience with incident response and disaster recovery planning
- Solid understanding of network security architecture and protocols
- Familiarity with compliance requirements such as GDPR, HIPAA, and PCI-DSS
- Experience conducting security audits and assessments
- Proficiency in secure software development practices
- Strong analytical and problem-solving skills
- Excellent written and verbal communication skills
- Ability to manage multiple projects and prioritize tasks effectively
- Experience with cloud security and securing cloud environments (e.g., AWS, Azure, GCP)
- Strong understanding of encryption technologies and data protection
- Experience working with cross-functional teams and stakeholders
- Ability to stay current with evolving cybersecurity threats and trends
- Strong attention to detail and organizational skills
- Proven ability to develop and implement security policies and procedures

Responsibilities

- Develop, implement, and maintain comprehensive security policies, standards, and procedures.
- Monitor and analyze security alerts, logs, and reports from various platforms and systems.
- Perform regular security assessments, including vulnerability scans and penetration tests.
- Coordinate and manage incident response activities and investigations.
- Ensure organizational compliance with relevant security regulations, standards, and best practices.
- Collaborate with cross-functional teams to identify and mitigate security risks.
- Manage the deployment, configuration, and maintenance of security tools and technologies.
- Conduct regular security awareness and training programs for staff.
- Review and approve security configurations, network architecture, and software designs.
- Provide regular security metrics and status reports to senior management.
- Develop, implement, and test disaster recovery and business continuity plans.
- Investigate, document, and respond to security breaches and incidents.
- Stay current with emerging cybersecurity threats, trends, and technologies.
- Prepare and conduct internal and external security audits.
- Coordinate with external security vendors, consultants, and service providers.
- Oversee secure software development practices and perform code reviews.
- Maintain an accurate inventory of IT assets and their security requirements.
- Create and maintain detailed documentation for security procedures and incident responses.

Ideal Candidate

The ideal candidate for the Information Systems Security Manager role is a highly experienced professional with a minimum of a bachelor's degree in Information Security, Computer Science, or a related field, complemented by certifications such as CISSP, CISM, or CISA. With over five years of hands-on experience in information security management, the candidate demonstrates a robust understanding of cybersecurity frameworks, standards, and best practices, including NIST and ISO 27001. They possess deep expertise in risk assessment, threat modeling, and vulnerability management, and are adept at using a wide range of security tools such as SIEM, IDS/IPS, firewalls, and anti-malware solutions. Proficient in incident response, disaster recovery planning, and compliance requirements like GDPR, HIPAA, and PCI-DSS, the candidate is also skilled in secure software development and knowledgeable about cloud security in environments such as AWS, Azure, and GCP. Their strong analytical and problem-solving skills, combined with exceptional communication and interpersonal abilities, enable them to effectively manage multiple projects, lead cross-functional teams, and engage stakeholders. A proactive, detail-oriented mindset and a commitment to staying current with evolving cybersecurity threats and trends set them apart, while their ability to work under pressure, maintain high ethical standards, and make strategic decisions ensures they can safeguard the organization against potential security threats. They are customer-focused, technologically savvy, and dedicated to mentoring their team, fostering a culture of security awareness, and delivering high-quality service in a dynamic environment.

On a typical day, you will...

- Monitor and analyze security alerts and reports from various systems and networks.
- Develop, implement, and maintain security policies, procedures, and protocols.
- Perform regular security assessments, vulnerability scans, and penetration tests.
- Coordinate and oversee incident response and investigation processes.
- Ensure compliance with relevant regulations, standards, and best practices.
- Collaborate with IT and other departments to identify and mitigate security risks.
- Manage and maintain security tools and technologies, such as firewalls, intrusion detection/prevention systems, and anti-malware solutions.
- Conduct security awareness training and education for employees.
- Review and approve security configurations and architecture designs.
- Report on security metrics and provide regular updates to senior management.
- Develop and implement disaster recovery and business continuity plans.
- Investigate and respond to security breaches and incidents.
- Maintain up-to-date knowledge of evolving cybersecurity threats and trends.
- Prepare and conduct security audits and reviews.
- Liaise with external security vendors and consultants as needed.
- Ensure secure software development practices and oversee code reviews.
- Maintain an inventory of IT assets and their associated security requirements.
- Create and maintain detailed documentation for security procedures and incidents.

What we are looking for

- Proactive and detail-oriented mindset
- Strong problem-solving abilities
- Exceptional analytical skills
- Excellent communication and interpersonal skills
- Highly organized with effective time management
- Ability to work well under pressure and meet deadlines
- Inquisitive and eager to stay current with new technologies and cyber threats
- Proven leadership and team management experience
- High level of integrity and ethical standards
- Strong decision-making capabilities
- Ability to think strategically and implement long-term security initiatives
- Customer-focused with a commitment to delivering high-quality service
- Adaptable and flexible in a fast-paced, dynamic environment
- Ability to work collaboratively with diverse teams
- Strong technical aptitude and a passion for cybersecurity
- Ability to mentor and train team members on security best practices
- Self-motivated with a strong sense of ownership and accountability
- Ability to handle confidential information with discretion and professionalism

What you can expect (benefits)

- Competitive salary range ($90,000 - $140,000 depending on experience and qualifications)
- Comprehensive health insurance (medical, dental, vision)
- Retirement savings plan with company-matching contributions
- Generous paid time off (PTO) including vacation, sick leave, and holidays
- Flexible work hours and remote work options
- Professional development opportunities and continuous learning programs
- Tuition reimbursement for relevant courses and certifications
- Company-sponsored conferences and training workshops
- Employee wellness programs including gym membership stipends
- Life insurance and disability coverage
- Employee assistance programs (EAP)
- Opportunity for career advancement and leadership roles
- Collaborative and dynamic work environment
- Regular team-building activities and company events
- Performance-based bonuses
- Access to the latest security technologies and tools
- Support for professional certifications and renewals
- Stock options or equity participation (if applicable)
- Recognition and reward programs
