Senior Manager, Cloud & Information Security

• Define and execute the information security strategy aligned to business objectives and growth plans
• Establish a scalable security operating model, policies, and standards
• Advise executive leadership on risk posture, threat landscape, and investment priorities
• Establish and maintain incident response plans, including escalation and recovery procedures
• Lead investigations and post-incident reviews to strengthen controls
• Establish governance and control standards for identity and access management, including access reviews, privileged access, segregation of duties, least privilege, and role-based access controls
• Partner with Cloud Operations, Enterprise Systems, Data & Integration, and Development teams to embed security into architecture and delivery
• Establish vulnerability management standards, remediation priorities, and reporting governance
• Ensure secure design and integration across ERP, cloud platforms, and enterprise applications
• Develop and execute security awareness and training programs
• Promote a culture of security accountability across all levels of the organization
• Establish and manage third-party risk assessment processes
• Evaluate vendor security posture and enforce contractual security requirements
• Define and track security KPIs/KRIs (e.g., incident response time, control effectiveness, vulnerability remediation)
• Oversee security monitoring, threat detection, and incident response capabilities
• Deliver regular reporting to executive leadership and board-level stakeholders
• Continuously improve security posture through benchmarking and maturity assessments
• Build, mentor, and develop a high-performing security organization aligned to business growth and operational maturity objectives

Minimum Qualifications (Knowledge, Skills, and Abilities)

• Strong knowledge of security frameworks (NIST CSF, ISO 27001, CIS Controls)
• Experience with security technologies (SIEM, EDR, IAM, vulnerability management tools)
• Experience securing Microsoft 365, Azure, identity platforms, and SaaS-based enterprise environments
• Understanding of cloud security (Azure preferred), enterprise applications, and network security
• Strong interpersonal skills including excellent written, verbal, listening, critical thinking, presentation and facilitation skills
• Ability to establish working relationships with stakeholders at all levels
• Effective problem-solving skills with attention to detail
• Customer Service oriented
• Effectively influences  senior leaders and business leaders on industry trends and emerging technologies in anticipation of new business processes and systems; challenge the status quo in support of the technology direction
• Exceptional management & organizational skills enabling real time prioritization and a strong ability for holding the team accountable to results
• Demonstrated success in organizational development and change management
• Proven ability to engage, motivate, and develop direct and indirect reports

Education/Certifications

• Bachelor's Degree or equivalent years of relevant work experience is required
• 10+ years of progressive experience in information security, including leadership roles
• Experience building or maturing a security program in a growth-stage or transforming organization
• CISSP, CISM, CISA, or equivalent preferred