Information Security Manager

Qualifications

1. Experience:

Background: 5-8 years in Information Security, with a strong focus on GRC (Governance, Risk, Compliance) or Auditing.

Frameworks: Deep expert-level knowledge of ISO 27001, SOC 2 Type II, or NIST 800-53.

Project Management: Proven ability to manage cross-departmental projects (e.g., Getting the whole company SOC 2 certified).

2. Soft Skills:

Communication: You must be able to explain to the VP of Sales why they can't use an insecure tool, without stopping them from doing their job.

Organization: Extreme attention to detail. A missing document can cause a failed audit.

3. Certifications (Essential):

CISM (Certified Information Security Manager) - The gold standard for this specific role.

CISA (Certified Information Systems Auditor)

CISSP (Certified Information Systems Security Professional)