InfoSec Manager

Cordova

National
Full Time
Paid
  • Responsibilities

    Position Title: Experienced Information Security Manager

    Employee Status: Full Time

    Location: Remote

    Purpose:

    Provide strategic oversight of our information security program, with particular focus on regulatory compliance and vendor management. In this role, you will work closely with our managed service provider, Soteria, to ensure our infrastructure and security controls meet all applicable regulatory requirements while aligning with business objectives.

    This role will work alongside the Director of IT to manage relationships with our Managed Service Provider (MSP) and other technology vendors to ensure all IT platforms, including end users’ devices, third-party applications, and production environments, are secure and meet regulatory requirements.

    This position requires a strong security background, excellent communication abilities, and a service-oriented mindset to support our fast-paced, transformational culture. We are looking for an experienced InfoSec professional who can work independently to address security issues, meet regulatory requirements, and help maintain Hadron's growing infrastructure.

    Responsibilities:

    • Provide strategic direction and oversight of Hadron's information security program across US, UK, and EU operations

    • Manage the relationship with Soteria MSP, ensuring they deliver security services that meet our standards and regulatory requirements

    • Develop, implement, and maintain security policies, standards, and procedures aligned with regulatory frameworks including GDPR, CCPA/CPRA, NYDFS, FCA, and other relevant regulations

    • Conduct regular reviews of SOC reports and security assessments provided by Soteria and other third-party vendors

    • Lead the company's regulatory compliance initiatives related to information security, including readiness for audits and examinations

    • Establish KPIs and metrics to measure the effectiveness of security controls and compliance efforts

    • Coordinate with internal stakeholders including Legal, Compliance, and IT to ensure alignment of security initiatives

    • Oversee security incident response planning and management in coordination with Soteria

    • Report to executive leadership on security posture, compliance status, and emerging risks

    • Manage security awareness programs for employees across all regions

    • Stay current with evolving regulatory requirements and security best practices across US, UK, and EU markets

    Work Requirements, Experience, Education, and Skills:

    • Bachelor's degree in Information Security, Computer Science, or related field

    • 7+ years of experience in information security

    • Strong knowledge of insurance industry regulatory requirements across US, UK, and EU markets

    • Experience managing relationships with MSPs or other security service providers

    • Proficiency with security frameworks including NIST CSF, ISO 27001, and CIS Controls

    • Strong understanding of Zero-Trust security principles and implementation

    • Demonstrated experience in security governance, risk management, and compliance

    • Experience with security tools including SIEM, EDR, and GRC platforms

    • Strong project management and leadership skills

    • Excellent communication skills with ability to translate technical concepts for non-technical audiences

    Preferred Qualifications:

    • Master's degree in Cybersecurity, Information Systems, or Business Administration

    • Professional certifications such as CISSP, CISM, CRISC, or CGEIT

    • Experience in the financial services or insurance sector

    • Knowledge of cloud security and securing hybrid environments

    • Experience with security automation and orchestration

    • Background in privacy regulations and data protection