Information Security Manager

We’re transforming the software industry.  We’re Flexera.  With more than 50,000 customers across the world, we’re achieving that goal. But we know we can’t do any of that without our team.  Ready to help us re-imagine the industry during a time of substantial growth and ambitious plans?  Come and see why we’re consistently recognized by Gartner, Forrester and IDC as a category leader in the marketplace.

 

Flexera delivers Technology Value Optimization solutions that enable some of the largest companies in the world to inform their IT so they can transform their IT. From on-prem to the cloud, companies can get the IT asset data needed to rightsize, reallocate spend, reduce risk and maximize ROI.

 

The Manager, Information Security is a critical role within the company.  You will partner with various lines of business, regions, and locations to help advance the company’s information security program.  You will leverage your expert knowledge of today’s ever-changing cybersecurity and risk landscape to influence secure behaviors across the company.

Key Responsibilities

  • Supports the CISO by managing and driving all aspects of the security program lifecycle, including project/program planning and execution across functional teams, inter/intra team communications, status reporting, and risk and issue management.
  • Helps manage the company’s ISO 27001 program
  • Directs and leads the development, implementation, and enforcement of organization-wide security standards, baselines, and procedures in compliance with policy.
  • Works with development and infrastructure support management to ensure that processes and programs are in place for ongoing compliance.
  • Evaluates security requirements in context with other business requirements and recommends measures to manage risk and adequately secure information systems.
  • Monitors changes in business, technology, and threat environments to identify and develop strategies for addressing new risks to Flexera systems and information.
  • Maintains and oversees the execution of an incident management process that ensures timely detection, containment, and eradication of threats, recovery from resulting damage, and corrective action to minimize the risk of future incidents.  Conducts frequent IR tabletop sessions with the relevant teams.
  • Serves as liaison to external auditors and customers in examinations of the company’s security program.  Ensure our client’s IT Security queries are appropriately addressed.
  • Monitors all phases of audits to ensure progress according to audit plan; monitors status of ongoing reviews.
  • Implement and communicate security best practices
  • Responsible for cybersecurity signoff for our exceptions process and the associated closeout/risk handling documentation for presentation to upper management.
  • Work with external parties to perform security audits, penetration, and vulnerability assessments.
  • Review vulnerability scans, monitor security alerts, assess risks, and coordinate remediation activities with internal security testers and development teams.
  • Help develop, manage and implement the company’s vulnerability scans and penetration test scope schedule.
  • Work with external parties to perform security audits, penetration, and vulnerability assessments.
  • Participate in the evaluation of the security of new IT products and services.
  • Keep up to date on global technology-related regulations, industry standards, and other best practice guidance related.

Requirements

  • Possess a Computer Science Bachelor’s Degree or substantial equivalent experience.
  • Seven years of professional experience in information security.
  • Security related certifications such as CISSP, CISA, CRISC  strongly preferred
  • Direct, hands-on experience managing security processes.
  • Possession of security or infrastructure related certifications is a plus.
  • Excellent project management skills with the ability to manage shifting priorities.
  • A customer service orientation with the ability to be flexible in a fast-paced environment.
  • Strong critical thinking and decision-making skills.
  • Knowledge of ISO 27001 required, CIS and/or FedRAMP is a plus.
  • Experience with tools such as Whitehat, Tenable, and Qualys.
  • Hands-on experience with vulnerability analysis, risk analysis, and penetration testing.
  • Strong written and oral communication skills. Ability to convey complex concepts to non-technical constituents. Proficiency in oral and written English.
  • Enthusiastic and self-starter, possess a go-getter attitude.
  • Ability to maintain critical thinking and composure under pressure.

 

Flexera is proud to be an equal opportunity employer.  Qualified applicants will be considered for open roles regardless of age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by local/national laws, policies and/or regulations.

 

Flexera understands the value that results from employing a diverse, equitable, and inclusive workforce. We recognize that equity necessitates acknowledging past exclusion and that inclusion requires intentional effort. Our DEI (Diversity, Equity, and Inclusion) council is the driving force behind our commitment to championing policies and practices that foster a welcoming environment for all.

 

We encourage candidates requiring accommodations to please let us know by emailing careers@flexera.com.

Apply Now Back to listings