Vaco

IT Security Manager

Vaco, Fort Worth, Texas, United States, 76102

Overview

IT Security Manager | 455881
Location: Fort Worth, TX 76117 (onsite 4-5 days per week)
Position Type: Direct-Hire
Hourly / Salary: to $160K + bonus structure

Job Summary

Vaco Technology is currently seeking a Security Manager for a Direct-Hire opportunity located in Fort Worth, TX 76117 (onsite 4-5 days per week). The Security Manager is a newly created and pivotal role, responsible for developing and executing a comprehensive cybersecurity strategy to protect systems, data, and digital assets across a hybrid cloud (AWS) and OnPrem environment, supporting store operations, franchise partners, and guests. The Manager should have solid experience working with a CISO, exposure to mature security practices, and a clear grasp of effective cybersecurity strategies, particularly in advancing NIST maturity levels. This role requires a hands-on security leader who balances strategy with execution, builds strong policies and governance, maintains a resilient security posture within budget, excels in vendor management, process improvement, and Agile project management, and can communicate a clear plan to strengthen security across the organization. The role involves a non-tool-dependent approach, wearing multiple hats, and supporting both Security and broader IT functions.

Responsibilities

- Lead the Development of Security Policies / Standards / Procedures - Advancing the NIST Maturity Level | NIST / PCI / DSS / GDPR Best Practices
- Manage Multiple Relationships with Multiple Security Vendors (Fortinet / Elementrix / Barracuda / OKTA / NOC/SOC Platform, etc.) / Potential MSP Vendors - Focusing on Consolidating Complex Vendor Landscapes / Optimizing Investments
- Navigate Hybrid IT Environment Transitioning from VMware VxRail to AWS utilizing Fortinet / Elementrix / Barracuda / OKTA, etc. | Prioritizing Policy Development Over Immediate Tool Optimization
- Oversee a Small Team - 1 Local Support Resource / 1 Network Engineer / 3rd Party Helpdesk Team in Denver, CO (7-10 members / not fully dedicated)
- Coordinate Audits / Vulnerability Assessments / Remediation Efforts - Collaborating with IT / Business Stakeholders, Embedding Security Controls / Mentoring Team Members
- Deliver 30-60-90 Day Roadmap - Outlining Tactical Execution of Security Initiatives, Leveraging Agile to Prioritize / Manage Projects
- Address Identified Gaps in Recent Audits - Establishing Robust Governance Frameworks / SOPs, Ensuring Compliance / Consistency
- Strategically Lead / Align Security Initiatives with Business Objectives - Supporting Franchise Partners / Maintaining Guest Trust / Working within Budget Constraints / Achieving Maximum Impact

Complex Vendor Landscape

The current vendor landscape is a disorganized and multifaceted ecosystem with multiple vendors. Relationships have grown organically and been added over time without a centralized strategy, leading to fragmentation. An additional MSP has been engaged to support remediation efforts after recent audits. The Security Manager will consolidate vendor relationships, identify and remediate overlapping services, and design standardization with effective integration. This requires strong organizational and strategic skills to streamline vendor relationships, manage risks, and optimize investments.

- Fortinet (FortiManager / FortiAnalyzer) - Network Security
- Elementrix - Endpoint Telemetry
- SentinelOne - Endpoint Detection (to be phased out by the end of 2025)
- Barracuda - Email Filtering
- OKTA - Identity Management
- NOC / SOC Platform (managed by a 3rd Party Vendor)

Job Requirements

- IT Security Manager (5+ years) - Leading Security Programs / Projects / Teams | Vendor Management / Optimization / Consolidation
- Security Frameworks - Deep Understanding of NIST / CIS Controls / ISO 27001 | Compliance Requirements (PCI DSS / GDPR)
- Cloud Security - AWS / Azure (extensive / hands-on) | IAM / Cloud Security Controls / Monitoring
- On-Prem Security Infrastructure - Firewalls / IDS/IPS / Endpoint Protection (EDR) / Secure Network Architecture
- Security Operations - Leading Security Audits / Vulnerability Assessments / Pen Testing / Incident Response
- Enterprise Security - Building / Implementing / Managing Security Frameworks Across Hybrid (Cloud / On-Prem) Multi-Location Enterprise Environments
- Third-Party Risk / Vendor Management - Managing Third-Party Risk Assessment Programs / Vendor Management Processes
- Agile Project Management - Proficiency in Agile Methodologies / Sprint Planning / Iterative Delivery Processes
- Budget / Resource Management - Effective Budget Management / Resource Allocation for Security Initiatives
- Compliance Management (hands-on) - Managing Compliance with PCI DSS (QSR / Retail) / GDPR / SOX / HIPAA
- Agile / DevSecOps Environments - Integrating Security into Continuous Development / Operations Processes

Vaco by Highspring values a diverse workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply. EEO Notice: Vaco by Highspring is an Equal Opportunity Employer and does not discriminate against any employee or applicant for employment because of race, color, sex, religion, national origin, citizenship, age, disability, veteran status, or any other protected characteristics as required by law. Privacy Notice: Vaco by Highspring respects your privacy and provides transparent notice of our policies.