Bachelor's degree in Information Security, Computer Science, or a related discipline required; Master's preferred.
Minimum 5-8 years of experience in information security or risk management roles.
Strong knowledge of HIPAA Security Rule, NIST CSF, CIS Controls, and ISO 27001 frameworks.
Experience with governance, risk, and compliance (GRC) tools and risk tracking systems.
Demonstrated ability to manage incident response and vulnerability management programs.
Excellent analytical, communication, and stakeholder engagement skills.
Professional certifications such as CISSP, CISM, or CRISC preferred.
Work Environment:
Hybrid or remote work options available based on business needs.
Occasional travel for audits, conferences, or corporate meetings.
Physical Requirements:
Requires the ability to write, dictate or use a keyboard to communicate directives.
Utilizes proper body mechanics in various environments.
Requires the ability to function in multiple environments due to travel requirements.
FLSA Status: Exempt
EEO Status: First/Mid-Level Officials and Managers
Benefits + Perks of Joining the Team Select Family
Medical, Dental, and Vision Insurance
Paid Time Off and Paid Sick Time
401(k)
Referral Program
Pay Range: $120,000 / salary
Benefits
Dental insurance
Vision insurance
401(k)
Remote work options
Additional Information
The Information Security Manager leads the design, implementation, and continuous enhancement of the organization's cybersecurity program under the Security Officer's guidance. This position ensures that technical and administrative safeguards align with HIPAA, CIS, NIST, and other regulatory frameworks. The role serves as a program owner across key domains including control governance, incident response, third-party risk management, and policy development, driving a culture of proactive risk management and compliance.
Duties/Responsibilities:
Design, implement, and manage the enterprise-wide cybersecurity framework.
Develop, maintain, and enforce information security policies, standards, and procedures aligned with regulatory and industry best practices.
Map and manage controls across HIPAA, NIST CSF, CIS Controls, and related frameworks.
Oversee governance platforms to track risks, evidence, and control ownership.
Lead third-party risk management activities, including security assessments, contract reviews, and lifecycle oversight.
Support Data Loss Prevention (DLP), vulnerability management, and incident response processes to detect and mitigate threats.
Coordinate internal and external audit activities, ensuring timely remediation of findings.
Deliver security awareness training and mentorship to junior team members.
Participate in executive and governance committees to represent the information security function and provide strategic guidance.