Vaco

IT Security Manager (455881)

Vaco, Fort Worth, Texas, United States, 76102

Overview

IT Security Manager | 455881

Location: Fort Worth, TX 76117 (onsite 4-5 days per week)

Position Type: Direct-Hire

Hourly / Salary: to $160K + bonus structure

Job Summary

Vaco Technology is currently seeking a Security Manager for a Direct-Hire opportunity located in Fort Worth, TX 76117 (onsite 4-5 days per week). The Security Manager is a newly created and pivotal role, responsible for developing and executing a comprehensive cybersecurity strategy to protect systems, data, and digital assets across a hybrid cloud (AWS) and OnPrem environment, supporting store operations, franchise partners, and guests. The Manager should have solid experience working with a CISO, exposure to mature security practices, and a clear grasp of effective cybersecurity strategies, particularly in advancing NIST maturity levels. This role requires a hands-on security leader who balances strategy with execution, builds strong policies and governance, maintains a resilient security posture within budget, excels in vendor management, process improvement, and Agile project management, and can communicate a clear plan to strengthen security across the organization. The role involves a non-tool-dependent approach, wearing multiple hats, and supporting both Security and broader IT functions.

Responsibilities

Lead the Development of Security Policies / Standards / Procedures - Advancing the NIST Maturity Level | NIST / PCI DSS / GDPR Best Practices

Manage Multiple Relationships with Multiple Security Vendors (Fortinet / Elementrix / Barracuda / OKTA / NOC/SOC Platform, etc.) / Potential MSP Vendors - Focusing on Consolidating Complex Vendor Landscapes / Optimizing Investments

Navigate Hybrid IT Environment Transitioning from VMware VxRail to AWS utilizing Fortinet / Elementrix / Barracuda / OKTA, etc. | Prioritizing Policy Development Over Immediate Tool Optimization

Oversee a Small Team - 1 Local Support Resource / 1 Network Engineer / 3rd Party Helpdesk Team in Denver, CO (7-10 members / not fully dedicated)

Coordinate Audits / Vulnerability Assessments / Remediation Efforts - Collaborating with IT / Business Stakeholders, Embedding Security Controls / Mentoring Team Members

Deliver 30-60-90 Day Roadmap - Outlining Tactical Execution of Security Initiatives, Leveraging Agile to Prioritize / Manage Projects

Address Identified Gaps in Recent Audits - Establishing Robust Governance Frameworks / SOPs, Ensuring Compliance / Consistency

Strategically Lead / Align Security Initiatives with Business Objectives - Supporting Franchise Partners / Maintaining Guest Trust / Working within Budget Constraints / Achieving Maximum Impact

Complex Vendor Landscape

The current vendor landscape is a disorganized and multifaceted ecosystem with multiple vendors. Relationships have grown organically and been added over time without a centralized strategy, leading to fragmentation. An additional MSP has been engaged to support remediation efforts after recent audits. The Security Manager will consolidate vendor relationships, identify and remediate overlapping services, and design standardization with effective integration. This requires strong organizational and strategic skills to streamline vendor relationships, manage risks, and optimize investments.

Fortinet (FortiManager / FortiAnalyzer) - Network Security

Elementrix - Endpoint Telemetry

SentinelOne - Endpoint Detection (to be phased out by the end of 2025)

Barracuda - Email Filtering

OKTA - Identity Management

NOC / SOC Platform (managed by a 3rd Party Vendor)

Job Requirements

IT Security Manager (5+ years) - Leading Security Programs / Projects / Teams | Vendor Management / Optimization / Consolidation

Security Frameworks - Deep Understanding of NIST / CIS Controls / ISO 27001 | Compliance Requirements (PCI DSS / GDPR)

Cloud Security - AWS / Azure (extensive / hands-on) | IAM / Cloud Security Controls / Monitoring

On-Prem Security Infrastructure - Firewalls / IDS/IPS / Endpoint Protection (EDR) / Secure Network Architecture

Security Operations - Leading Security Audits / Vulnerability Assessments / Pen Testing / Incident Response

Enterprise Security - Building / Implementing / Managing Security Frameworks Across Hybrid (Cloud / On-Prem) Multi-Location Enterprise Environments

Third-Party Risk / Vendor Management - Managing Third-Party Risk Assessment Programs / Vendor Management Processes

Agile Project Management - Proficiency in Agile Methodologies / Sprint Planning / Iterative Delivery Processes

Budget / Resource Management - Effective Budget Management / Resource Allocation for Security Initiatives

Compliance Management (hands-on) - Managing Compliance with PCI DSS (QSR / Retail) / GDPR / SOX / HIPAA

Agile / DevSecOps Environments - Integrating Security into Continuous Development / Operations Processes

Vaco by Highspring values a diverse workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply.

EEO Notice: Vaco by Highspring is an Equal Opportunity Employer and does not discriminate against any employee or applicant for employment because of race, color, sex, religion, national origin, citizenship, age, disability, veteran status, or any other protected characteristics as required by law.

Privacy Notice: Vaco by Highspring respects your privacy and provides transparent notice of our policies.
