A certified minority business enterprise founded in 1997, TripleNet Technologies exists to help new ventures, privately-held firms, Fortune 100 companies, and o
Information Security Manager
Location
Washington
Posted
1 day ago
Salary
$0 / hour
Seniority
Lead
Job Description
Information Security Manager
TripleNet Technologies
Title: Information Security Manager Location: Seattle, wa Job Description: Key Responsibilities and Duties: - Guide security policy and participate in broader Information Security governance efforts. - Develop and maintain the Information Security Management System (ISMS) in collaboration with regional information security SMEs and technical consultants. - Oversee and manage the ISMS and recommend appropriate mitigating controls. - Oversees Information Security Risk Management activities, including risk identification, assessment, and communication to relevant interest holders. - Provide valuable expertise and leadership directly to the governing Joint Board executive leadership, including sharing metrics to reflect the performance of the regional security program functions, executive risk score reports, and other guidance on a variety of information security topics. - Facilitate a committee of Information Security SMEs across the Agencies to ensure both regional compliance and concurrence on information security-related matters, recommending solutions, and working from the regional perspective to achieve optimal solutions. - Collaborate with the Systems Integrator, other vendors, and partner Agencies to ensure security best practices, standards, policies, and regulatory requirements are incorporated into core payment system design, implementation, and sustainment, as well as support other future phase projects. - Conduct regular security reviews of both software and processes, advising on information security practices. Reviews and creates threat models and recommends security enhancements consistent with information security strategy and evolving threats. - Support external IT security audits and assessments that focus on operation. - Develop, update, implement, and conduct information security training programs to support the ISMS objectives. - Manage approvals for Identity and Access Management (IAM) and Access Control Administration. - Act as Incident Commander for Security Incident Response activities, whenever the Information Security Incident Response Plan is invoked by the regional program; play an interest holder and oversight role if the plan is invoked by other partners or vendors. - Participate in information security incident investigation and response efforts; perform root-cause analysis when incidents occur and prepare incident reports. - Evaluate change requests to determine potential impacts to Information Security, including IT systems, processes, policies, and provide appropriate input to the Change Management process. - Coach future Regional Operations Team (ROOT) information security personnel as the ISMS becomes complete and mature. - Keep up to date on latest information security trends, "best practices", threats, and countermeasures. Required Skills and Qualifications: - Enterprise-level information security plans, policies, standards, guidelines, methods, and practices based on current industry standards, best practices, tools, and techniques. - Information Security Management Systems, and applicable industry standards (ISO 27001/2). - Pertinent federal, state, and local laws, codes, and regulations; particularly those that affect information security for payment systems. - Environments subject to the Payment Card Industry Data Security Standard (PCI DSS), including compliance-related duties. - Knowledge and understanding of developing and administering information-security standards, practices, audits, risk management, and policy compliance. - Information Security Audit principles and practices. - Knowledge of one or more governance frameworks such as COBIT 5, ISO, NIST, or COSO. - Strong understanding of IT Service Delivery (ITIL) core processes and methodologies. - Principles, methods, and techniques used in the facilitation of managing projects and leading teams. - Relevant experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography. - In-depth knowledge of security software threats and vulnerability mitigation techniques. - Working knowledge of cloud platforms such as Azure/ AWS and relevant security controls. - Establishing and maintaining collaborative working relationships with other department staff, management, vendors, and other interest holders. - Documenting and explaining risks, recommendations, and incident data to technical interest holders. - Interpreting and administering information security policies, standards, and procedures sufficiently to administer, discuss, resolve, and explain them to staff and other constituencies. - Leading or supporting an Information Security Management System. - Generating metrics and preparing reports to facilitate decision-making on security-related activities. - Utilizing personal computer software programs affecting assigned work and in compiling and preparing spreadsheets and reports. - Responding to inquiries with effective oral and written communication. - Researching, analyzing, and evaluating new security processes, products, and techniques. - Excellent time management skills including the ability to prepare, prioritize, and complete work plans. - Working effectively under pressure, meeting deadlines, and adjusting to changing priorities. - Writing of technical documentation and standards, including skill in English usage, spelling, grammar, and punctuation Required Certifications or Licenses: - At least one of the following (in valid status): - Certified Information Systems Security Professional (CISSP). - Certified Information Security Manager (CISM). - Certified Information Security Auditor (CISA). Other industry relevant certifications in the fields of information security, project management, auditing and/ or risk management, such as the Certification in Risk and Information Systems Control (CRISC) Preferred Skills and Qualifications: - Knowledge of Governance, Risk, and Compliance (GRC) tools. - Principles of leadership, supervision, training, and performance evaluation. - Extensive knowledge of risk-based methodologies, and one or more of the following frameworks: ISO 27001/2:2017, 27005:2011, and 31000; PCI-DSS; or NIST 800-53. Duration:11/07/2025 to 2/28/2026 Location: Downtown Seattle (Hybrid) M-F: 8 AM to 5 PM Hybrid: 3 days work onsite Pay: $75 per hour
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Analista de Segurança da Informação Pleno – Pentest
OmieImpulsione a economia do Brasil, seja um Omielover! #VemPraOmie https://carreirasomie.gupy.io/
• Foco em testes de intrusão e segurança de aplicações web, com ênfase em integrações estratégicas e validação de segurança em parceiros de negócio do ecossistema Omie. • Pentest de APIs: Testes de segurança em endpoints, análise de fluxos de autenticação (OAuth, JWT) e integrações de terceiros. • Desenvolvimento Seguro: Revisão de código e integração de ferramentas SAST/DAST em esteiras de CI/CD. • Relatórios de Vulnerabilidade: Redação técnica para desenvolvedores e relatórios executivos de risco para stakeholders.
Security Services Specialist
CBTSCBTS partners with businesses to deliver innovative technology solutions, including application services, cloud solutions, consulting, digital workplace solutio
Security Services Specialist Location: Chicago, IL, USA Work Arrangement: Remote/Hybrid About the Role We are looking for a Security Services Specialist with a passion for shaping, positioning, and winning complex cybersecurity engagements to join our Presales Advisory & Strategic Pursuits practice. This is a strategic, client-facing role at the intersection of cybersecurity expertise, consultative selling, and executive engagement — not a traditional delivery position. You will partner closely with Account Executives, Solution Leads, presales teams, and delivery leadership to lead consultative discovery, define security strategy, and architect services-led solutions aligned to business risk and long-term transformation goals. The mission: help organizations evolve from fragmented, tool-centric security approaches to mature, risk-driven security programs. What You Will Do Shape & Win Strategic Opportunities · Partner with Account Executives to identify, qualify, and shape high-value cybersecurity pursuits from the earliest stages of engagement. · Lead consultative discovery sessions to uncover business drivers, pain points, and transformation opportunities. · Define compelling solution visions that connect security investments to measurable business outcomes. · Drive end-to-end pursuit leadership — from initial engagement through close. Lead Executive Engagement · Establish credibility with CIOs, CTOs, CISOs, and business executives as a trusted security advisor. · Facilitate outcome-driven conversations that move beyond technology to business impact and risk reduction. · Craft and deliver executive-level narratives that differentiate our offerings and win competitive pursuits. Architect Services-Led Solutions · Design integrated solutions that combine Professional Services, Managed Security Services, and partner capabilities into a cohesive offering. · Ensure every solution is technically sound, operationally viable, and commercially compelling. · Align architecture, delivery models, and commercial constructs into scalable, repeatable offerings. Orchestrate Cross-Functional Teams · Lead and align solution architects, engineers, subject matter experts, partners, and delivery teams across complex pursuits. · Drive clarity, accountability, and pace — ensuring every pursuit moves forward with purpose and precision. · Elevate team performance through coaching, structure, and the development of reusable best practices. Influence Strategy & Commercial Outcomes · Shape deal strategy, pricing models, and commercial constructs — including recurring, consumption-based, and outcome-based models. · Balance competitiveness, risk, and profitability in solution design to optimize commercial outcomes. · Contribute to portfolio evolution based on market demand, competitive intelligence, and client needs. Required Qualifications · 5–10+ years of experience in cybersecurity, consulting, or technical sales, with demonstrated success shaping and closing complex security services engagements. · Experience within a managed service provider (MSP), global systems integrator (GSI), or enterprise security environment. · Strong background in managed security services and/or security consulting engagements. · Deep experience in consultative, outcome-based, and value-based selling methodologies. · Ability to translate security risk into business impact, investment rationale, and ROI. · Exceptional executive communication and storytelling skills, with the ability to simplify complexity for senior audiences. Broad technical and domain expertise spanning the following areas: · Risk-based security program development and maturity modeling. · Security frameworks including NIST, CIS, and ISO. · Threat detection and response — SIEM, SOAR, SOC, and MTDR. · Vulnerability management, remediation, and compliance. · Identity and access security — MFA, IAM, and Zero Trust. · Cloud security — CSPM, governance, and workload protection. · Application security — web, mobile, and API protection. · Data security — encryption, governance, and protection. · Network and infrastructure security — firewalls, DDoS, segmentation, and SASE. · Managed security services operations — 24×7 monitoring and incident response. · Awareness of AI-driven threats and automation in security operations. Preferred Qualifications · CISSP, CISM, or equivalent industry-recognized security certifications. · Cloud security certifications across one or more providers (AWS, Azure, GCP). · Vendor-specific certifications such as Cisco, Palo Alto, or Microsoft Security. Success Profile The ideal candidate is a confident, commercially driven security professional who thrives at the intersection of strategy and execution. You are equally at home leading a discovery session with a client's security team and presenting a transformation vision to a CISO or senior business leader. You understand that winning in presales requires more than technical depth — it requires empathy, influence, and the ability to make clients feel understood before they feel sold to. · Executive Presence: Confident engaging and influencing senior stakeholders with authority and authenticity. · Strategic Thinking: Shapes complex opportunities into clear, actionable strategies that drive results. · Storytelling Excellence: Simplifies complexity into compelling narratives that resonate with technical and business audiences alike. · Commercial Acumen: Understands how solution design drives business outcomes — and structures deals accordingly. · Operational Discipline: Drives structure, pace, and execution across pursuits without compromising quality. · Collaborative Leadership: Operates seamlessly across sales, presales, delivery, and partner ecosystems. · Growth Mindset: Continuously elevates self, team, and organizational capability. We are an equal opportunity employer. We welcome applicants from all backgrounds and are committed to building a diverse and inclusive team. Salary $110,000 to $160,000 #LI-PF2 #LI-Remote The compensation range in this posting reflects the Company’s good‑faith estimate at the time of publication. The applicable base pay range for any individual will be determined based on the candidate’s designated primary work location as well as factors including role scope and responsibilities, required qualifications, and the individual’s experience, education, skills, knowledge, and performance. Certain positions may also be eligible for additional compensation such as discretionary merit increases, bonuses, or sales‑based variable compensation in accordance with applicable plans and role requirements. Due to U.S. Government requirements applicable to foreign-owned telecommunications providers, non-US citizens may be required to submit to an extensive government agency background check which will necessitate disclosure of sensitive Personally Identifiable Information.
Modern Work & Security Transformation Architect
CPSDelivering your business and technology outcomes through expert consultancy and the deployment of Microsoft technology.
• Design, build and demonstrate Microsoft 365 Modern Work and Security capabilities to prospective clients. • Lead customer workshops, discovery sessions and strategic conversations with stakeholders from technical teams through to executive leadership. • Gather and document business, functional, technical, security, compliance and migration requirements. • Produce current-state assessments, target-state architectures, strategic recommendations, roadmaps, options appraisals and migration strategies. • Create high-quality architecture and solution designs capable of being handed over to multi-disciplinary delivery teams for successful implementation. • Provide technical leadership across large customer programmes, coordinating architecture decisions across productivity, collaboration, security, compliance, identity, endpoint, migration and UC workstreams, and drawing on SMEs for specialist design input where required. • Support technical governance, design assurance, dependency management and risk resolution throughout customer engagements. • Assist in writing compelling proposals, responses to tenders, discovery reports, business cases and statements of work. • Estimate delivery effort and support solution costing activities across complex, multi-phase engagements. • Ensure all customer-facing deliverables meet CPS quality standards. • Promote CPS as a recognised leader in Microsoft Modern Work and Security through blogs, webinars, events, conferences and customer engagements. • Contribute to internal standards, methodologies and reusable assets to improve the consistency and quality of delivery. • Lead the creation, development and evolution of the CPS Modern Work and Security service portfolio. • Define and maintain service propositions covering Microsoft 365 strategy, tenant design, Google Workspace to Microsoft 365 migration, SharePoint, Teams, Exchange Online, OneDrive, Viva, Copilot, Intune, Entra ID, Defender, Purview, UC and adoption programmes, with support from specialist SMEs where appropriate. • Work with the Head of Practice to develop packaged offerings with clearly defined scope, deliverables, commercial models, assumptions, risks and pricing structures. • Work closely with Sales, Marketing and Delivery teams to develop go-to-market strategies and supporting collateral. • Identify emerging Microsoft technologies, market trends and customer requirements, translating them into new service opportunities. • Support pipeline development and business growth through technical sales engagement, opportunity qualification and executive-level solution positioning. • Contribute to strategic partnerships with Microsoft and other technology vendors. • Create repeatable delivery frameworks, migration approaches, architecture patterns and best-practice guidance that improve scalability and profitability across the practice.
• Design and ship scalable security solutions. • Build relationships with engineering to foster cooperative partnerships across key Twilio products and platforms. • Partner with product and engineering teams to integrate scalable security capabilities. • Use metrics and data on the state of security at the product level, to drive accountability and action. • Drive security risk reduction through technical leadership and influence of engineering roadmaps. • Lead security reviews for critical features, new initiatives and infrastructure changes. • Cultivate security expertise across engineering teams through mentorship, technical guidance and training.



