Manager, Information Security

New England College of Optometry seeks an entry level Information Security Manager to develop implement and oversee a robust information security strategy and program. This critical role involves establishing and enforcing policies procedures and technologies to protect the confidentiality integrity and availability of institutional and student data. The Information Security Manager will be responsible for risk assessment incident response security operations and ensuring compliance with all relevant regulations and standards. This role requires strong leadership technical expertise and excellent communication skills to collaborate effectively across the institution.

Responsibilities

• Develop implement and oversee a robust information security strategy and program in alignment with institutional goals and industry best practices.
• Establish and maintain institutional information security policies standards and guidelines ensuring they are regularly reviewed updated and communicated.
• Manage security operations including monitoring detection prevention response and analysis of security threats and vulnerabilities.
• Lead and coordinate the information security incident response team managing security breaches & ensuring timely and effective resolution and post-incident analysis.
• Conduct regular risk assessments and penetration testing to identify and mitigate potential security vulnerabilities across systems networks and applications.
• Ensure compliance with national and international regulatory frameworks (e.g. FERPA HIPAA ISO 27001 SOC 2) relevant to the organization.
• Oversee security awareness training programs for all employees to promote a culture of security consciousness.
• Manage the security budget and evaluate select and implement appropriate security tools and technologies.
• Report on the status of the security program vulnerabilities and incidents to executive leadership.
• Work on special projects as assigned by the Chief Information Officer.
• Other duties as assigned.

Requirements

• Experience in designing implementing and managing enterprise-level information security programs and strategy.
• Technical knowledge of network security application security cloud security (e.g. AWS Azure GCP) and endpoint protection technologies.
• Understanding of risk management methodologies and security frameworks (e.g. ISO 27001 NIST CIS Controls).
• Experience leading security incident response and forensic analysis.
• Strong communication and interpersonal skills with the ability to explain complex security issues to technical and non-technical audiences.
• Knowledge of networking principles including wireless networking.
• Excellent written and verbal communication skills professional appearance punctuality and a sense of urgency.
• Experience working with Active Directory and Google Cloud Platform.
• Ability and willingness to learn new technologies.

Preferred Background/Skills

• Professional certifications such as CISSP CISM or relevant SANS certifications.
• Experience with Governance Risk and Compliance (GRC) tools and processes.
• Exceptional organizational skills with the ability to prioritize projects and tasks.
• Familiarity with scripting languages (e.g. Python PowerShell) for security automation.
• Ability to write reports and document steps for knowledge sharing.
• Ability to work efficiently and independently with minimal supervision.
• Excellent customer service and communications skills.

Education

• Bachelors degree in Computer Science Information Technology Information Security or a related technical field.

Experience

• A minimum of 2 years of progressive experience in the field of information security.

NECO is an Equal Opportunity employer and encourages all qualified candidates to apply.

New England College of Optometry offers a robust benefits program including:

• 3 plan options for BCBS medical coverage (employer subsidized at 75% or greater)
• Mental Health and Wellness benefits
• BCBS Dental
• Discounted vision services
• 13 paid holidays and generous paid time off for sick vacation and personal days
• Employer-paid life insurance and short-term and long-term disability
• Voluntary Insurance: life critical illness hospital indemnity accident
• Voluntary Benefits: employee discounts and pet insurance
• 9% employer contribution to a 403(b) retirement plan after 1 year of service with no vesting schedule or match requirement
• Qualified Public Service Loan Forgiveness Employer