Job Description

Our client, a leading global technology solutions company, is seeking an experienced Information Security Manager to join their team in Santa Clara, CA. The successful candidate will be responsible for spearheading security initiatives, implementing robust security controls, and ensuring compliance with industry standards and regulations.

The Day-to-Day:

Lead the development and execution of security initiatives to mitigate risks and automate detection and protection mechanisms.
Manage and update the cybersecurity plan, identifying needs and implementing comprehensive security controls using multi-layered security strategies.
Perform day-to-day security event management, incident response, and root cause analysis following NIST SP 800-61 standards.
Collaborate with operations teams to integrate security controls and configurations into ongoing operations.
Ensure server, network, and endpoint security through vulnerability management, system patching, secure configurations, and malware prevention.
Implement email security measures such as spam filtering and SPF & DMARC protocols.
Monitor security systems including SIEM, IPS, and event logs for indicators of attack and compromise.
Proactively engage with clients to address challenges and business opportunities.
Maintain and update security plans, documentation, and internal operating procedures.
Liaise with client stakeholders and steering committees to ensure security solutions meet business needs.
Collect, analyze, and validate open-source intelligence.
Ensure compliance with regulatory requirements such as PCI-DSS, CJIS, and the California Consumer Privacy Act of 2018 (AB-375).
Deliver monthly presentations to executives on risk status, security controls, and remediation timelines.
Generate monthly reports on security operations to provide insights into the current state of security controls.

Qualifications:

High School Diploma required; Bachelor's degree or higher in CS, CIS, MIS, or equivalent preferred.
5-8 years of experience in cybersecurity with expertise in tools like Qualys, Zscaler, Defender, and Firewalls.
Familiarity with security standards and regulations such as NIST, GDPR, and PCI DSS.
Security certifications such as CISSP, CISM, CGEIT, GSEC, CEH, MCSE: Security, and CCNP-Security.
Excellent client engagement skills with the ability to present complex security information to business executives.
Strong leadership skills to guide teams of varying technical expertise.
Ability to prioritize tasks and influence stakeholders to advance the security program.
Proficiency in security solutions including firewall, VPN, SIEM, IPS, endpoint protection, MFA, and NAC.
Deep understanding of NIST 800-53 & CSF, risk assessment, and incident response standards.
Hands-on experience with security administration or engineering is a plus.

Pay Rate/Shifts: