Lumel Technologies
Job Title:
Manager – Information Security Employment Type:
Full-Time
Sponsorship:
Not available (U.S. work authorization required)
About the Role We are seeking a hands‑on
Manager – Information Security
to lead and mature our organization’s information security program. This role will be responsible for ensuring compliance with key frameworks (SOC 2, ISO 27001, GDPR, HIPAA, etc.), overseeing security operations and audits, and guiding the business in implementing best practices for data protection and risk management.
This position is ideal for a
mid‑level security leader
— someone with enough experience to independently manage and improve a program but who is still eager to grow into broader leadership responsibilities over time.
Key Responsibilities
Develop, implement, and maintain the organization’s information security policies, standards, and procedures.
Manage compliance efforts for SOC 2, ISO 27001, GDPR, HIPAA, and related regulatory frameworks.
Serve as primary liaison for internal and external security audits, including coordination with auditors, consultants, and internal stakeholders.
Conduct regular risk assessments and lead remediation efforts.
Oversee the implementation of technical and administrative security controls across systems and data environments.
Partner with IT and business units to ensure security requirements are embedded in projects, applications, and vendor relationships.
Monitor security operations and coordinate incident response activities as needed.
Provide security awareness training and promote a culture of security across the organization.
Prepare reports and brief leadership on security posture, risks, and improvement plans.
Stay current on emerging threats, trends, and regulatory changes impacting information security.
Required Qualifications
Bachelor’s degree
in Information Security, Computer Science, Information Systems, or related field (or equivalent experience).
5+ years
of hands‑on experience in information security management, governance, risk, and compliance.
Demonstrated experience implementing and maintaining controls for
SOC 2, ISO 27001, GDPR, HIPAA .
Strong understanding of cybersecurity principles, risk management, and audit methodologies.
Experience working with or in
audit or consulting firms
supporting compliance engagements.
Proven ability to manage cross‑functional initiatives and communicate effectively with technical and non‑technical stakeholders.
Must have U.S. work authorization
Preferred Qualifications
Relevant certifications such as
CISSP, CISM, CISA, ISO 27001 Lead Implementer/Auditor , or similar.
Experience with cloud security (AWS, Azure, or GCP).
Experience in scaling an InfoSec function and/or leading a small team.
Familiarity with third‑party risk management and vendor due diligence processes.
Opportunity for professional development and future leadership growth.
#J-18808-Ljbffr
Manager – Information Security Employment Type:
Full-Time
Sponsorship:
Not available (U.S. work authorization required)
About the Role We are seeking a hands‑on
Manager – Information Security
to lead and mature our organization’s information security program. This role will be responsible for ensuring compliance with key frameworks (SOC 2, ISO 27001, GDPR, HIPAA, etc.), overseeing security operations and audits, and guiding the business in implementing best practices for data protection and risk management.
This position is ideal for a
mid‑level security leader
— someone with enough experience to independently manage and improve a program but who is still eager to grow into broader leadership responsibilities over time.
Key Responsibilities
Develop, implement, and maintain the organization’s information security policies, standards, and procedures.
Manage compliance efforts for SOC 2, ISO 27001, GDPR, HIPAA, and related regulatory frameworks.
Serve as primary liaison for internal and external security audits, including coordination with auditors, consultants, and internal stakeholders.
Conduct regular risk assessments and lead remediation efforts.
Oversee the implementation of technical and administrative security controls across systems and data environments.
Partner with IT and business units to ensure security requirements are embedded in projects, applications, and vendor relationships.
Monitor security operations and coordinate incident response activities as needed.
Provide security awareness training and promote a culture of security across the organization.
Prepare reports and brief leadership on security posture, risks, and improvement plans.
Stay current on emerging threats, trends, and regulatory changes impacting information security.
Required Qualifications
Bachelor’s degree
in Information Security, Computer Science, Information Systems, or related field (or equivalent experience).
5+ years
of hands‑on experience in information security management, governance, risk, and compliance.
Demonstrated experience implementing and maintaining controls for
SOC 2, ISO 27001, GDPR, HIPAA .
Strong understanding of cybersecurity principles, risk management, and audit methodologies.
Experience working with or in
audit or consulting firms
supporting compliance engagements.
Proven ability to manage cross‑functional initiatives and communicate effectively with technical and non‑technical stakeholders.
Must have U.S. work authorization
Preferred Qualifications
Relevant certifications such as
CISSP, CISM, CISA, ISO 27001 Lead Implementer/Auditor , or similar.
Experience with cloud security (AWS, Azure, or GCP).
Experience in scaling an InfoSec function and/or leading a small team.
Familiarity with third‑party risk management and vendor due diligence processes.
Opportunity for professional development and future leadership growth.
#J-18808-Ljbffr