Information Security Manager

Remote
Contracted to Full Time
Mid Level

M&S Consulting was conceived in 2002 with the vision of creating highly effective teams of elite consultants to deliver strategic process and technology solutions to enterprise organizations across the US. Our commitment to delivery in complex environments and long-term customer success has merged process and technology into innovative solutions, established deep pockets of expertise, and enabled innovative transformation for evolving businesses.

We have intentionally cultivated steady growth focused on being approachable and helpful to our dearly valued clients and closely cared-for employees. M&S people simply “care hard”, and this reflects in our work products, our interactions, and our culture.

Summary:

The Information Security Manager is responsible for safeguarding all IT infrastructure by monitoring security operations, responding to threats, remediating issues, and maintaining security applications and technologies. This role collaborates with the compliance team to ensure information security policies align with customer requirements and regulatory standards. The Information Security Manager continuously evaluates threats and risks to maintain strong security posture, implements appropriate preventative controls and protocols, and partners with internal and external auditors to assess and enhance the security program. Additionally, this role is responsible for employee security training and the overall management of information security operations.  

Essential Job Functions:

  • Partner with senior management, infrastructure managers, engineers, technicians, business stakeholders, customers, and vendors to develop, implement and maintain the enterprise information security strategy and roadmap.
  • Continuously analyze all risk vectors on the attack surface to create a risk respond plan, security posture, and help business understand and co-manage risks appropriately.
  • Ensure the protection and operation of IT infrastructure and applications. 
  • Manage day-to-day security operations (threat detection, respond, remediation, perform digital forensics, incident management, problem management, change management, vulnerability management, monitoring, and compliance)
  • Lead and support continuous improvement projects to deploy, consolidate, enhance, and/or secure enterprise IT systems and services.
  • Provide security expertise during daily infrastructure standup meetings to address emerging threats and operational security concerns. 
  • Ensure proper configuration of servers and endpoints, ensuring that they are maintained, monitored, updated, patched, secured; maintain up time as close as possible to 99.90%.
  • Manage the security of LAN, WAN, networking equipment (i.e. switches, routers, firewalls, access points, SDWAN) to ensure they are properly configured, maintained, monitored, updated, patched, secured, with uptime as close as possible to 99.90%.
  • Ensure cloud infrastructure, including Microsoft tenant, Azure Active Directory (now Microsoft Entra ID),  Teams, SharePoint, UCaaS (Fusion Connect, Net2Phone), and all other Microsoft productivity applications, maintaining uptime targets of 99.90%.
  • Proactively monitor the infrastructure eco system to properly scale, grow, and secure in concert with business growth and new program development. 
  • Ensure proper back up and disaster recovery are in place and proactively monitored to achieve service level agreements (SLAs) for Recovery Point Objective (RPO) and Recovery Time Objective (RTO).-
  • Ensure the protection of data privacy.
  • Manage and Maintain controls in compliance with NIST 800 171 and CMMC 2.0 requirements.
  • Support licensing compliance and licensing annual true-up activities.
  • Support customer and regulatory compliance audits.
  • Assist and adhere to ITGC compliance requirements. 
  • Oversee end-users access management throughout the organization.
  • Conduct and assist with regularly scheduled user access reviews in active directory and other applications as needed.
  • Collaborate with IT project managers with strategic and important projects. 
  • Maintain current and accurate documentation for the following:  SOP (standard operating procedures, processes, contracts, software licensing, managed services, systems, and networks
  • Stay informed on emerging trends and technologies in IT, ensuring that the organization remains competitive and protective. 

Job Skills:

  • Strong proficiency with network and cloud security management.
  • Incident response, perform digital forensics, create, execute, and maintain incident response plan. 
  • Programming and scripting in PowerShell and SQL. 
  • Risk assessment and risk response plan.
  • Penetration testing
  • User training
  • Critical thinking, technical curiosity, deliver results, and cross functional collaboration.
  • Proficient in Microsoft 365, Microsoft Azure, Microsoft Entra, Windows Remote Desktop, Active Directory administration, VMware vCenter, Cisco networking, server administration, LAN/WAN administration, UCaaS.
  • Familiar with planning, purchasing, and sourcing.
  • An energetic, forward-thinking, proactive, and creative individual with high ethical standards.
  • Ability to be flexible and able to function comfortably in a fast paced, constantly changing, and ambiguous environment.
  • Strong Business Acumen with the ability to understand the business and be able to align IT strategies with business objectives, as well as communicate the value of IT initiatives to business leaders.
  • Positive attitude with a strong sense of urgency and ownership of quality work deliverables.

Education & Experience:

  • Bachelor’s degree in Information Technology field or related field preferred, or a minimum of five (5) years of experience in information Security or IT.
  • Five (5) years of progressive experience in professional IT position(s) required. 
  • Minimum of tow (2) years of experience managing information security program is required.
  • A strong technical background in a variety of IT areas is required.
  • Experience with IT Service Management (ITSM) systems is strongly preferred.
  • Industry experience in manufacturing, aerospace, military, and defense, or cable assembly is preferred. 
  • US Citizen or Green Card Holder preferred based on Federal Government contracts

Certifications, Licenses, Registrations:

  • Strongly Preferred:  CompTIA Security +, CISSP (Certified Information System Security Professional), CISM (Certified Information Security Manager), CEH (Certified eEhical Hacker), CompTIA A+, CompTIA Server+, CompTIA Network+, CompTIA PenTest+, CCSP (Certified Cloud Security Professional). 

 

*M&S Consulting proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a protected veteran, or any other characteristic protected by law.

Share

Apply for this position

Required*
Apply with Indeed
We've received your resume. Click here to update it.
Attach resume or Paste resume
Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or Paste resume

Paste your resume here or Attach resume file

To comply with government Equal Employment Opportunity and/or Affirmative Action reporting regulations, we are requesting (but NOT requiring) that you enter this personal data. This information will not be used in connection with any employment decisions, and will be used solely as permitted by state and federal law. Your voluntary cooperation would be appreciated. Learn more.
Invitation for Job Applicants to Self-Identify as a U.S. Veteran
  • A “disabled veteran” is one of the following:
    • a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or
    • a person who was discharged or released from active duty because of a service-connected disability.
  • A “recently separated veteran” means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.
  • An “active duty wartime or campaign badge veteran” means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.
  • An “Armed forces service medal veteran” means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.
Veteran status


Voluntary Self-Identification of Disability
Voluntary Self-Identification of Disability Form CC-305
OMB Control Number 1250-0005
Expires 04/30/2026
Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury
Please check one of the boxes below:

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

You must enter your name and date
Human Check*