Information Security Manager

What You’ll Do:

As the Information Security Manager, you will establish and maintain a company-wide information security management program to ensure that information assets are protected.  You will manage efforts to identify, evaluate, and report on security risks and propose risk mitigation in alignment with corporate strategy.  You will ensure compliance with legal and contractual responsibilities, including compliance audits, threat assessments, and follow-up.  You will promote a culture of information security, providing guidance to company leaders and training to employees across multiple departments.

Position Responsibilities: 

• Execute all position responsibilities in alignment with Slingshot’s core values, mission, and purpose
• Leverage our leadership and management competencies to attract, develop, lead, and inspire a diverse, high-performing team
• Develop and implement an information security strategy and policy
• Review, update, and document company information security policies and procedures
• Oversee dissemination and training of security policies and practices
• Work with business leaders to facilitate security risk assessment and risk management processes in alignment with corporate risk tolerance strategy
• Provide strategic guidance, including evaluation and recommendation of controls, processes, and tools
• Coordinate security audits and risk assessments to identify weaknesses in the security infrastructure and recommend solutions 
• Ensure all security programs comply with relevant laws and regulations
• Manage security incidents and responses to protect information assets, advise stakeholders on remediation methods
• Assist with IT system administration from an information security perspective
• Coordinate with vendors and consultants when needed to deliver on the defined security policies 
• Perform other duties as assigned (to be less than 10% of the responsibilities listed above)

Pre-Requisites

• Must be a U.S. citizen eligible for government clearances

Minimum Requirements

• 5+ years experience in an information security role and at least 2 years of vendor/contractor/process leadership
• Experience with auditing and verifying information security controls in accordance with government requirements
• 4-year degree in computer science, information technology, or related field (or equivalent work experience)
• Experience with security frameworks such as NIST 800-171, CMMC, FIPS 104-2, DFAR, SOC2, and ISO
• Experience with MDM, IdP, endpoint protection, and remote network security systems
• Ability to travel up to 10% of the time

Preferred Skills 

• Relevant certifications such as CISSP, CISM, or CRISC
• Strong verbal and written communication skills to effectively communicate security risk and requirements to stakeholders at all levels of the organization
• Experience with compliance/security frameworks such as NIST 800-53, FedRAMP, and Federal ATO processes
• Excellent analytical and problem solving skills to identify and address cybersecurity issues

*These skills are guidelines, not hard and fast rules. You don’t have to meet every qualification listed. If your skills are transferable and you meet the minimum requirements, we encourage you to apply. 

Location: Fort Collins, CO; El Segundo, CA or Remote

Classification: Full time Exempt (computer employee exemption)

Annual Compensation: $135,000 - $170,000

Equity, Diversity & Inclusion are key to our success. We are an Equal Opportunity Employer and our employees are people with different strengths, experiences and backgrounds, who share a passion for creating a safer, more connected world. Diversity not only includes race and gender identity, but also age, disability status, veteran status, sexual orientation, religion and many other parts of one’s identity. All of our employee’s points of view are key to our success, and we embrace individuality.