Information Security Program Manager (Hybrid)

About the role

Hybrid : a hybrid work arrangement may be considered for this position. A hybrid work arrangement refers to splitting time worked between a Barr office and a home office. This position is based out of Barr's Minneapolis, Minnesota, office. Travel requirement: ability to occasionally travel to other offices and sites across the US and Canada. About you - required core competencies Education: bachelor's degree in computer science, information technology, or a related field or equivalent practical experience. Experience: 5+ years of related IT infrastructure or information security experience. Technical skills: Working knowledge of corporate network environments and technologies such as VMware virtualization, Microsoft Windows Server, Active Directory, and Group Policy management. Experience with cloud platforms such as Microsoft Azure, Microsoft 365, or Amazon Web Services (AWS) administration and support. Familiarity with scripting and automation tools (e.g., PowerShell, Python, Ansible) for system administration or security automation. Availability: willingness and ability to perform off-hours administrative changes and respond to emergencies or urgent issues outside of regular hours if needed. Work eligibility: must be legally authorized to work in the United States without the need for sponsorship by Barr, now or in the future. Helpful additional experience (not required) Recognized security certifications demonstrating expertise and commitment to the field. Experience supporting external audits and compliance assessments (such as SOC2 audits, ISO 27001 certification processes, NIST 800-series compliance, or CMMC). Compensation : Anticipated range of $100,000 to $1

Additional Information

The role - what you'll do Barr is seeking an information security program manager to join our Minneapolis, Minnesota, team. This position reports to the director of information systems. It is a hands-on role that works cross-functionally across teams, leading Barr's information security program. In this full-time role, you will manage the program, focusing on continuous improvement as the security threat environment evolves. For this position, you should be an analytical problem-solver with exceptional attention to detail and a passion for continuous learning. You are highly organized and leverage your technical expertise to implement robust security measures that safeguard system integrity and reliability. You can dig deep when needed while also maintaining a broad strategic perspective on the business. You possess a high degree of self-initiative, proactively leading security improvement and governance efforts, while also enjoying collaboration with technical and non-technical colleagues, always with a client-service mindset. Your impact - key responsibilities Security program administration and maintenance: oversee and continuously improve Barr's information security program. Ensure that security measures are integrated across systems and that protective controls support the company's needs for performance, stability, and high availability. Cybersecurity subject matter expert: provide insight into developing and executing the company's security strategy. Stay current on emerging threat intelligence and cybersecurity trends, and advise the organization on mitigating new threats. Security governance and compliance: develop and maintain information security policies, standards, and procedures to ensure alignment with industry best practices and frameworks such as the NIST Cybersecurity Framework, ISO 27001, and NIST SP 800-171. Crisis management: plan, prepare for, and respond to security incidents or breaches, helping to coordinate containment, investigation, and recovery efforts to minimize damage and downtime. Support the company's Crisis Response Team in planning and response activities that relate to or rely on technology. Security monitoring and optimization: continuously monitor the IT environment for signs of security issues or vulnerabilities using appropriate tools and resources. Escalation-level technical support: serve as the first escalation point for potential security incidents. Vulnerability and patch management: lead proactive vulnerability management by conducting regular security scans and ensuring that processes and automated systems for the timely application of patches and/or upgrades are effective. Documentation and training: develop and maintain internal security documentation and provide technical training and guidance for IT staff and end users on security best practices. Audit support: maintain required documentation, perform internal security testing, and coordinate responses to audit findings or external audit requests. Security assessments: respond to external security questionnaires, assessment tools, and client security surveys. Program metrics and continuous improvement: track key security program metrics and use these insights to drive ongoing program improvements.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at barr? Share your experience