• PartnerOne is seeking a seasoned Information Security Manager to lead, scale, and mature the organization's security function. • This is a senior leadership role with a broad scope, encompassing direct team management, executive-level reporting, and full ownership of the company's security strategy and operational programs. • The Information Security Manager will translate organizational risk appetite into executable programs, build and develop a high-performing security team, and serve as the definitive security authority across the business. • This individual will influence product, engineering, compliance, and go-to-market decisions — ensuring security is a competitive differentiator and not just an operational requirement. • Own and drive PartnerOne's multi-year information security strategy, aligning program investments and priorities to business objectives, regulatory obligations, and risk tolerance. • Develop and present regular security risk reports, program health updates, and strategic recommendations to senior leadership and the Board. • Define, track, and communicate key security performance indicators and risk metrics, translating technical posture into business-relevant terms for executive audiences. • Manage the information security budget, including headcount planning, tooling investments, and vendor relationships — ensuring strong ROI and alignment with strategic priorities. • Serve as PartnerOne's senior internal authority on information security, advising the executive team on risk posture, material threats, and program maturity.

Role Description PartnerOne is seeking a seasoned Information Security Manager to lead, scale, and mature the organization's security function. This is a senior leadership role with a broad scope, encompassing direct team management, executive-level reporting, and full ownership of the company's security strategy and operational programs. The Information Security Manager will translate organizational risk appetite into executable programs, build and develop a high-performing security team, and serve as the definitive security authority across the business. This individual will influence product, engineering, compliance, and go-to-market decisions — ensuring security is a competitive differentiator and not just an operational requirement. Team Leadership & Organizational Development - Build, manage, and develop a high-functioning information security team, establishing clear roles, performance expectations, career pathways, and a culture of accountability and continuous improvement. - Set team priorities and allocate resources across security disciplines — including vulnerability management, incident response, application security, data protection, and audit — ensuring appropriate coverage and depth. - Mentor and develop mid-level security staff (including leads and analysts), actively investing in the professional growth of direct reports. - Define hiring plans and lead recruiting efforts to grow team capacity in alignment with company growth and evolving threat landscapes. - Foster a security-first culture across PartnerOne through active engagement, education, and relationship-building at all levels of the organization. Security Strategy & Executive Reporting - Own and drive PartnerOne's multi-year information security strategy, aligning program investments and priorities to business objectives, regulatory obligations, and risk tolerance. - Develop and present regular security risk reports, program health updates, and strategic recommendations to senior leadership and the Board. - Define, track, and communicate key security performance indicators and risk metrics, translating technical posture into business-relevant terms for executive audiences. - Manage the information security budget, including headcount planning, tooling investments, and vendor relationships — ensuring strong ROI and alignment with strategic priorities. - Serve as PartnerOne's senior internal authority on information security, advising the executive team on risk posture, material threats, and program maturity. Vulnerability Management & Configuration Compliance - Set the strategic direction for PartnerOne's vulnerability management and configuration compliance programs, establishing standards, accountability structures, and remediation SLAs. - Own security posture visibility through executive-level dashboards and risk scorecards, ensuring leadership has a clear and current picture of the organization's exposure. - Oversee structured risk treatment processes, ensuring non-compliance findings are triaged, assigned, and resolved — or formally accepted — with appropriate business context and documentation. - Drive sustained, measurable improvement in the organization's security posture over time through governance, accountability, and cross-functional coordination. Security Incident Response & Business Continuity - Establish and continuously mature PartnerOne's security incident response capability, including detection, triage, escalation, containment, recovery, and post-incident review processes. - Serve as the executive decision-maker during significant security incidents, providing authoritative leadership and clear communication to internal and external stakeholders. - Own PartnerOne's security-related Business Continuity and Disaster Recovery planning, ensuring the organization can maintain and restore critical operations following a security event. - Lead tabletop exercises and incident simulations to test response readiness and identify gaps before real events occur. Application Security & Secure Development - Oversee the Application Security program, ensuring that vulnerability scanning, code review standards, and penetration testing activities are embedded into the software development lifecycle. - Direct internal penetration testing efforts and, where appropriate, manage relationships with external security testing partners to validate application and infrastructure security. - Collaborate with engineering leadership to embed security requirements into architecture decisions, development standards, and release gates. - Establish application security KPIs and hold development teams accountable for the timely resolution of identified vulnerabilities. Client Data Protection & Privacy - Own PartnerOne's Client Data Protection program, defining the policies, controls, and monitoring practices that govern how client data is handled across the organization. - Ensure data handling practices across products, services, and operations are consistent with contractual commitments, regulatory requirements, and industry standards. - Conduct and oversee regular control reviews to validate data protection measures remain effective as the business and its threat environment evolve. - Collaborate with legal and compliance teams to address data privacy obligations and respond to client data-related inquiries or incidents. Customer Security Assurance & Commercial Support - Serve as the senior security authority for client-facing security reviews, executive-level customer discussions, and high-stakes due diligence engagements. - Oversee the team's completion of security questionnaires and assurance activities, ensuring accuracy, consistency, and timeliness across all client interactions. - Engage directly with enterprise clients and prospects at the executive level to build confidence in PartnerOne's security posture and capabilities. - Partner closely with sales and client success leadership to support RFP, RFI, and contract processes, ensuring security representations are accurate and competitively positioned. Audit, Compliance & Third-Party Risk - Lead PartnerOne's audit and compliance programs — including SSAE18 (SOC 1/SOC 2), PCI, and other applicable frameworks — from planning through report issuance. - Build and manage relationships with external auditors and assessors, serving as the primary point of contact for all formal compliance engagements. - Oversee the Third-Party Risk Management (TPRM) program, ensuring vendors, partners, and suppliers are assessed, monitored, and held to appropriate security standards. - Ensure audit-readiness is a continuous organizational state, not a reactive effort — building evidence collection, control testing, and documentation into ongoing operations. Security Governance & Policy - Own PartnerOne's information security policy framework, including policies, standards, procedures, and exception management processes — ensuring these remain current, enforceable, and business-aligned. - Represent Information Security on the Change Advisory Board (CAB) and other governance bodies, providing risk-based input on significant organizational and technology changes. - Lead security architecture reviews for major strategic initiatives and platform transitions, ensuring security is designed in from the start. - Develop and communicate PartnerOne's GenAI governance framework, enabling teams to adopt generative AI tools responsibly and securely. Threat Intelligence & Risk Management - Maintain an active, current understanding of the threat landscape relevant to PartnerOne's industry and technology environment, drawing on sources such as CISA, ISACs, and vendor intelligence feeds. - Translate threat intelligence into actionable risk guidance for the business, prioritizing mitigations based on likelihood, impact, and operational context. - Coordinate organizational responses to significant threat events or emerging vulnerabilities, ensuring timely, accurate communication and effective remediation across impacted teams. Security Awareness & Culture - Own PartnerOne's security awareness and training program, ensuring content is relevant, engaging, and compliant with regulatory and contractual training requirements. - Champion a culture of security ownership across the organization — empowering employees at every level to recognize risk and act accordingly. - Maintain active engagement with external security communities, industry groups, and peer networks to stay ahead of emerging risks and evolving best practices. Qualifications - 8+ years of progressive information security experience, including at least 3 years in a leadership or management capacity with direct reports. - Demonstrated experience owning and maturing a broad security program across multiple disciplines simultaneously. - Deep familiarity with compliance frameworks, including SOC 1/SOC 2 (SSAE18), PCI-DSS, and relevant data privacy regulations. - Proven ability to communicate complex security risk clearly and persuasively to executive and Board-level audiences. - Experience managing security in a SaaS, fintech, or similarly regulated technology environment preferred. - Relevant certifications (CISSP, CISM, CRISC, or equivalent) strongly preferred. - Track record of building and developing high-performing security teams in a fast-paced, growth-oriented environment.

• Assignments are on an ongoing rolling enrollment basis according to expertise and school needs. • Utilize your professional expertise to provide high quality instruction from a pre-designed curriculum. • Be available within 48 hours (excluding weekends and holidays) by phone, email, and in the courseroom to ensure learners receive quality feedback in a timely manner to support their academic success. • Utilize the online learning platform to enrich the learning experience. • Establish high standards and ensure learners understand how they will be evaluated. • Adhere to University policies and procedures. • Attend faculty meetings and workshops and/or training as required. • Participate in other activities based on university needs.

Role Description We are seeking a hands-on, strategic, and operationally strong Director of IT, Information Security & Data Privacy to lead and scale our internal technology, cybersecurity, and data privacy functions. This leader will oversee the company’s IT infrastructure, security operations, compliance initiatives, and privacy programs while building a high-performing team that supports a fast-paced, high-growth SaaS environment. The ideal candidate requires deep technical expertise, strong leadership capabilities, and experience navigating the challenges of scaling systems, processes, and security practices in a growing SaaS organization. This role requires a balance of strategic thinking and hands-on execution. Key Responsibilities - IT Leadership & Operations - Lead the company’s IT strategy, operations, and roadmap across infrastructure, endpoint management, collaboration tools, and enterprise applications. - Manage and mentor a high-performing IT and security team, fostering accountability, growth, and operational excellence. - Oversee help desk operations and end-user support to ensure a high-quality employee experience. - Drive scalability, automation, and operational maturity across IT systems and processes. - Manage vendor relationships, software licensing, hardware procurement, and IT budgets. - Ensure business continuity, disaster recovery, and operational resilience plans are maintained and tested. - Information Security - Develop, implement, and continuously improve the organization’s cybersecurity strategy and security posture. - Lead security operations including identity and access management, endpoint security, vulnerability management, threat detection, incident response, and security monitoring. - Partner with engineering and product teams to strengthen cloud and application security practices. - Maintain and improve security frameworks, policies, standards, and controls aligned with industry best practices. - Lead security awareness and training initiatives across the organization. - Manage vendor and third-party security assessments, audits, and customer security questionnaires. - Data Privacy & Compliance - Own and evolve the company’s data privacy and governance programs. - Ensure compliance with applicable regulations and frameworks including SOC 2, GDPR, CCPA, and other evolving privacy/security standards. - Partner with legal, HR, engineering, and business stakeholders to operationalize privacy and compliance requirements. - Support customer, partner, and enterprise security assessment and due diligence efforts. - Strategic Leadership - Serve as a trusted advisor to executive leadership on IT, cybersecurity, risk, and privacy matters. - Influential leader who builds trust and collaborates effectively across technical and business functions. - Assess emerging technologies and risks to support business growth and innovation. - Build scalable processes and controls appropriate for a rapidly growing SaaS organization. - Establish KPIs, metrics, and reporting for IT and security operations. Qualifications - 10+ years of progressive IT and information security leadership experience, including 5+ years with director and/or senior-level responsibility. - Proven experience leading IT and security functions within a fast-paced, high-growth SaaS or cloud-native company. - Strong hands-on technical background across cloud infrastructure, networking, identity management, endpoint management, and security operations. - Demonstrated success building, mentoring, and leading high-performing technical teams. - Deep understanding of cybersecurity frameworks, risk management, and security best practices. - Demonstrated success leading the achievement, maintenance, and continuous improvement of ISO 27001, SOC 2, and related security/compliance programs. - Experience implementing and managing modern security tooling and processes in cloud environments. - Strong project management, communication, organizational, and cross-functional collaboration skills. Preferred Qualifications - Experience supporting remote or hybrid work environments. - Familiarity with modern SaaS ecosystems including Microsoft 365, Google Workspace, Okta, JAMF, Intune, AWS/Azure, and cloud security platforms. - Security certifications such as CISSP, CISM, or similar are a plus. - Experience with M&A integration, scaling operations, or rapid organizational growth preferred. Leadership Competencies - Hands-on leader who can operate strategically while remaining close to day-to-day execution. - Strong communicator with the ability to influence technical and non-technical stakeholders. - Calm and decisive under pressure with strong incident management skills. - Collaborative, pragmatic, and solutions-oriented mindset. - Passion for building scalable, secure, and efficient systems that enable business growth. Benefits - Opportunity to shape and mature IT, security, and privacy programs at a growing SaaS company. - High-impact leadership role with visibility across executive leadership and the organization. - Collaborative, fast-moving environment focused on innovation and operational excellence. - Ability to build and lead a modern, scalable IT and cybersecurity organization. - Competitive compensation package that reflects your experience, skills, and the value you bring to our team. The salary range for this position is $175,000 - $190,000 annually. - This role is also bonus eligible. - PTO policy includes company holidays, sick time, vacation time, and floating holidays. - Remote work options available. - Company pays a portion of individual health care premium. - Option to participate in a company-sponsored 401(k). - Training and education opportunities. - Professional development; all employees have access to a third-party professional coach. - Tuition reimbursement program. - Opportunity to work for a purpose-driven organization using business as a force for good. Company Description Energage is a purpose-driven company that helps organizations turn employee feedback into useful business intelligence and credible employer recognition through Top Workplaces. Built on 19 years of culture research and the results from 23 million employees surveyed across more than 70,000 organizations, Energage delivers the most accurate competitive benchmark available. With access to a unique combination of patented analytic tools and expert guidance, Energage customers lead the competition with an engaged workforce and an opportunity to gain recognition for their people-first approach to culture. Energage is committed to fostering a diverse and inclusive environment. We are proud to be an equal opportunity employer. Energage encourages all qualified candidates to apply, including those of any race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.