Information Security Manager

Overview

JOB TITLE:

Information Security Manager - Multiple Levels Available

CAYUSE COMPANY:

Cayuse Civil Services, LLC

LOCATION

Austin, TX - Hybrid (3 day remote | Mon & Fri Onsite)

SALARY:

Based on experience and position level

**This position is posted for future opportunities. Please submit your application to be considered for similar upcoming roles**

Responsibilities

The Work

The Information Security Manager is responsible for ensuring the organization's data, systems, and networks remain secure against internal and external threats. They lead the development, implementation, and monitoring of information security policies, practices, and controls to protect the company's information assets and technology infrastructure. This position plays a critical role in identifying vulnerabilities, evaluating security risks, and responding promptly to security incidents, ensuring regulatory compliance and adherence to best practices.

This position aligns with Cayuse's core values of Innovation, Excellence, Collaboration, Adaptability, and Integrity by fostering technical solutions that meet customer needs, promoting teamwork, and prioritizing quality in deliverables.

Key Responsibilities

• Develop, implement, and continuously improve organizational information security policies, standards, and procedures.
• Ensure alignment of security policies with organizational goals, regulatory requirements, and industry best practices (e.g., NIST, ISO 27001).
• Monitor and enforce compliance with security standards for staff and third-party vendors.
• Conduct regular audits, gap analyses, and performance assessments of security policies and controls, addressing deficiencies and making recommendations.
• Conduct periodic risk assessments for IT systems, infrastructure, and vendors to identify vulnerabilities, threats, and weaknesses.
• Work with internal teams to mitigate known vulnerabilities and prioritize remediation strategies.
• Utilize vulnerability scanning tools and methodologies to proactively safeguard systems.
• Supervise the management and monitoring of security information and event management (SIEM) systems to promptly detect and respond to security breaches.
• Direct security incident response efforts, including managing containment, analysis, and remediation actions, and leading post-incident investigations.
• Analyze root causes of security violations and design proactive measures to prevent recurrence.
• Collaborate with cybersecurity teams, IT departments, and third-party vendors in supporting a robust incident response process.
• Oversee the configuration, management, and monitoring of security systems, such as firewalls, intrusion detection/prevention systems, encryption protocols, and antivirus software.
• Safeguard sensitive data by managing access controls and permissions, ensuring compliance with data protection regulations such as GDPR, HIPAA, and CCPA.
• Implement and enforce secure protocols for data at rest, in transit, and during processing.
• Develop and deliver ongoing cybersecurity awareness and training programs to all organizational employees.
• Advocate for a security-first culture by providing guidance and resources to non-technical teams.
• Conduct phishing simulations and other exercises to assess and improve employee preparedness.
• Ensure compliance with relevant laws, regulations, and standards, such as SOC 2, PCI DSS, FISMA, or other industry-specific requirements.
• Maintain detailed documentation and prepare reports for stakeholders, auditors, and regulatory organizations.
• Other duties as assigned .

Qualifications

Qualifications - Here's What You Need

The qualifications and skills listed below are intended to provide a general overview of the requirements for this position. However, due to the anticipated nature of the contract and the absence of a finalized task order from the client, this list should not be considered all-encompassing. Additional qualifications, certifications, skills, or experience specific to the client's requirements may be identified and requested upon award of the task order. Candidates should demonstrate flexibility and a willingness to adapt to evolving responsibilities as outlined by the client.

• Level 1: 1-3 years of experience in the field or in a related area. Has knowledge of commonly used concepts, practices, and procedures within a particular field. Relies on instructions and pre-established guidelines to perform the functions of the job. Primary job functions do not typically require exercising independent judgment .

• Level 2: 4-7 years of experience in the field or in a related area. Familiar with standard concepts, practices, and procedures within a particular field. Relies on limited experience and judgment to plan and accomplish goals . A certain degree of creativity and latitude is required . Works under limited supervision with considerable latitude for the use of initiative and independent judgment .

• Level 3: 8 or more years of experience, relies on experience and judgment to plan and accomplish goals, independently performs a variety of complicated tasks, a wide degree of creativity and latitude is expected.

Minimum Skills:

• Exceptional interpersonal skills with the ability to communicate in a clear, professional, and articulate manner.
• Exceptional verbal and written communication skills .
• Excellent organizational, analytical, and problem-solving skills with high-level attention to detail.
• Ability to analyze systems and procedures
• Strong multitasking skills with the ability to manage multiple design streams across concurrent work effort.
• Must be self-motivated and able to work well independently as well as on a multi-functional team.
• Ability to handle sensitive and confidential information appropriately .

Desired Qualifications:

• Bachelor's degree in Information Technology , Cybersecurity, Computer Science, or a related .
• Minimum of 5 years of experience in information security, cybersecurity, or IT risk management.
• At least 2 years in a leadership or managerial role in information security .

Our Commitment to you / overview of benefits

• Medical, Dental and Vision Insurance; Wellness Program
• Flexible Spending Accounts (Healthcare, Dependent Care, Commuter)
• Short-Term and Long-Term Disability options
• Basic Life and AD&D Insurance (Company Provided)
• Voluntary Life and AD&D options
• 401(k) Retirement Savings Plan with matching after one year
• Paid Time Off

Reports to: Program Manager

Working Conditions

• Professional office environment , with the ability to work onsite in the main office .
• Must reside in the Austin area.
• Must be physically and mentally able to perform duties extended periods of time.
• Ability to use a computer and other office productivity tools with sufficient speed to meet the demands of this position.
• Must be able to establish a productive and professional workspace.
• Must be able to sit for long periods of time looking at computer screen .
• May be asked to work a flexible schedule which may include holidays.
• May be asked to travel for business or professional development purposes.
• May be asked to work hours outside of normal business hours.
• T ravel costs, per diem, and other related expenses must be pre-approved in compliance with State of Texas travel guidelines.

Other Duties: Please note this job description is not designed to cover or contain a comprehensive list of activities, duties or responsibilities that are required of the employee for this job . Duties, responsibilities, and activities may change at any time with or without notice.

Cayuse is an Equal Opportunity Employer.  All employment decisions are based on merit, qualifications, skills, and abilities. All qualified applicants will receive consideration for employment in accordance with any applicable federal, state, or local law.

Pay Range

USD $100,000.00 - USD $160,000.00 /Yr.