Information Security Manager

JOB SUMMARY:

The Information Security Manager is a senior-level role within the information security team responsible for establishing and maintaining effective operations and governance practices in North America. This role plays a critical role in ensuring that Securitas information security operations and risk management processes align with industry best practices, regulatory requirements, and business objectives.

ESSENTIAL FUNCTIONS

• The functions listed describe the business purpose of this job or position. Specific duties or tasks may vary and be documented separately. An associate might or might not be required to perform all functions listed. Additional duties may be assigned, and functions may be modified, according to business necessity.

• All assigned duties or tasks are deemed to be part of the essential functions, unless such duties or tasks are unrelated to the functions listed, in which case they are deemed to be other (non-essential) functions.

• Associates are held accountable for successful job performance. Job performance standards may be documented separately, and may include functions, objectives, duties or tasks not specifically listed herein.

• In performing functions, duties or tasks, associates are required to know and follow safe work practices, and to be aware of company policies and procedures related to job safety, including safety rules and regulations. Associates are required to notify superiors upon becoming aware of unsafe working conditions.

• All functions, duties or tasks are to be carried out in an honest, ethical and professional manner, and to be performed in conformance with applicable company policies and procedures. In the event of uncertainty or lack of knowledge of company policies and procedures, associates are required to request clarification or explanations from superiors or authorized company representatives.

RELEVANT RESPONSIBILITIES

• Coordinate day-to-day Security Operations across Securitas teams.

• Oversee Managed Security Service Provider ensuring vendor provides the essential information security services.

• Manage a comprehensive approach to identifying, assessing and remediating information security vulnerabilities.

• Ensure security policies are communicated to relevant stakeholders and regularly reviewed and updated regularly to address emerging threats, regulatory changes, and business needs.

• Establish and maintain a security governance committee or similar governance structure to provide oversight and strategic direction for cybersecurity initiatives.

• Collaborate with business units and IT teams to ensure that risk management practices are integrated into Securitas' overall risk management framework.

• Define and implement a security framework that aligns with industry standards and regulations (e.g., ISO 27001, NIST Cybersecurity Framework).

• Conduct regular risk assessments to identify and prioritize cybersecurity risks to Securitas' assets, including information systems, networks, and data.

• Establish and maintain processes and criteria for assessing and managing the cybersecurity risks associated with third-party vendors and partners.

• Standardize, improve, and lead responses to customer requests specific to cybersecurity intended to ensure trust and serve both new and existing clients.

• Define and track key security metrics to measure the effectiveness of security controls, risk management practices, and compliance efforts.

• Prepare and deliver regular reports on security performance, risk trends, and incident response activities to senior management.

MINIMUM QUALIFICATIONS AT ENTRY

Additional qualifications may be specified and receive preference, depending upon the nature of the position.

Education/Experience:

• Bachelor's or master's degree in a relevant field such as Cybersecurity, Information Security, Risk Management, or equivalent work experience.

• 7-10 years in a similar role, demonstrating expertise in security governance, risk management, and compliance.

• Professional certifications such as CISSP, CISM, CRISC, or equivalent are highly desirable.

Competencies (as demonstrated through experience, training, and/or testing):

• Experience in managing and coordinating security operations including incident response and vulnerability management.

• Strong knowledge of security best practices, frameworks, and regulations, such as ISO 27001, NIST Cybersecurity Framework, GDPR, etc.

• Ability to lead and collaborate with cross-functional teams and drive consensus on security governance and risk management matters.

• Excellent understanding of security principles, technologies, and best practices.

• Strong communication and interpersonal skills to effectively engage with stakeholders at all levels of Securitas.

• Ability to work collaboratively in a team environment and build effective relationships with stakeholders at all levels of Securitas.

Working Conditions and Physical/Mental Demands

With or without reasonable accommodation, requires the physical and mental capacity to effectively perform all essential functions. In addition to other demands, the demands of the job include:

• Maintaining composure in dealing with executives, clients, prospects, and staff, in group settings and in situations requiring high performance and results.

• Must undergo and meet company standards for background and reference checks, controlled substance testing, and behavioral selection survey.

• Handling and being exposed to sensitive and confidential information.

• Required ability to handle multiple tasks concurrently.

• Occasional lifting up to 10 pounds.

EOE M/F/Vets/Disabilities

About Us

Securitas employees come from all walks of life, bringing with them a variety of distinctive skills and perspectives. United through our common purpose, we provide the security needed to safeguard our clients' assets and people. Our core values - Integrity, Vigilance and Helpfulness - are represented by the three red dots in the Securitas logo. If you live by these values, we're looking for you to join the Securitas team.

About the Team

Our Company Mission

Securitas' mission is to protect homes, workplaces, and communities by providing the security services they need to protect their assets, safeguard their people, and maintain their ability to generate profits.

Our Values

Securitas' core values - Integrity, Vigilance and Helpfulness - are the foundation for our employees to build trust with customers, colleagues, and the surrounding community.

Integrity

Securitas employees are honest and trusted by customers to safeguard their premises and valuables. We don't compromise on integrity and create an open forum for our employees and customers to voice opinions, report improprieties, and share information.

Vigilance

Seeing, hearing, and evaluating. A Securitas employee is always attentive and often notices things that others don't. Their vigilance is necessary in order to be aware of potential risks or incidents that may take place on our customers' premises.

Helpfulness

As part of an on-going effort to ensure safety, Securitas employees are always ready to help if an incident occurs that requires intervention regardless of whether or not it is directly related to their job.