Sr Manager, Information Security


Job Location:

Herndon, VA - USA

Monthly Salary: Not Disclosed
Posted on: 4 days ago
Vacancies: 1 Vacancy

Job Summary

Overview

AtST Engineering iDirect were reshaping the future of global connectivity. As a leader in satellite communications our groundbreaking technology empowers customers to grow innovate and transform their networks. Here your skills and passion meet our vision and expertise to create something extraordinary. If youre ready to tackle technologys biggest challenges and redefine how the world connects the most exciting chapter of your career awaits. With ST Engineering iDirect the sky isnt the limitits just the beginning.

The Senior Manager Information Security is a key leadership role responsible for overseeing the daytoday execution of the companys information security program while ensuring readiness for evolving global cybersecurity regulations including the EU Cyber Resilience Act. Reporting to the Vice President Technology and Information Security this role provides handson leadership across security operations governance and product security. The position serves as the operational owner for information security execution and as the central coordinator for translating regulatory security and product requirements into consistent scalable outcomes across IT engineering and product organizations.

Responsibilities

Role Summary

The Senior Manager Information Security is accountable for operational security execution regulatory readiness and security product leadership. This role oversees daily security operations manages compliance and governance activities and owns the integration of security and regulatory requirements including those introduced by the Cyber Resilience Act into product development lifecycle management and operational processes.

The position combines security operations leadership regulatory and compliance ownership and security product responsibility ensuring that both internal systems and customerfacing products meet security resilience and vulnerability management expectations throughout their lifecycle.

Information Security Operations and Governance

  • Lead daytoday execution of the enterprise information security program in alignment with company strategy and risk posture.
  • Oversee security operations including monitoring vulnerability management incident response rootcause analysis and remediation tracking.
  • Manage implementation and continuous improvement of the ISO27001based Information Security Management System (ISMS).
  • Ensure ongoing compliance with applicable regulatory requirements industry standards and customer security expectations including emerging product security regulations such as the Cyber Resilience Act.
  • Coordinate preparation for internal and external audits regulatory reviews certifications and customer security assessments.
  • Lead investigation and response activities for security incidents vulnerabilities and control failures including followup remediation actions.
  • Maintain and evolve IT and product security policies standards procedures and technical baselines.
  • Drive security awareness initiatives and promote a culture of securebydesign and shared responsibility across the organization.

Cyber Resilience Act and Product Security Accountability

  • Serve as the operational owner for Cyber Resilience Act readiness interpretation and implementation across products platforms and services.
  • Coordinate adoption of CRAaligned requirements including secure development lifecycle controls product risk assessment threat modeling vulnerability handling and coordinated disclosure processes.
  • Partner with engineering and product teams to ensure security and resilience requirements are embedded throughout the full product lifecycle from design through endoflife.
  • Ensure product security documentation evidence and technical controls support regulatory conformity assessments and audits.
  • Track and manage security vulnerabilities impacting products including prioritization remediation tracking customer communication and regulatory reporting as required.
  • Act as a primary liaison with Legal Compliance Engineering and Product leadership on CRArelated and product security regulatory matters.
  • Monitor evolving global product security regulations and standards assessing impact and recommending proactive controls or design changes.

Security Product and Portfolio Leadership

  • Own and define security requirements across the companys portfolio of products software platforms and managed services.
  • Act as the primary security stakeholder and internal customer proxy for securityrelated product initiatives and roadmaps.
  • Lead crossfunctional security councils involving product management engineering services legal compliance and operations.
  • Evaluate and prioritize security features enhancements and remediation efforts based on regulatory impact risk exposure and customer needs.
  • Develop securityrelated business cases including scope definition impact analysis and risk mitigation value.
  • Partner with Product Owners and Engineering teams to translate security and regulatory requirements into epics user stories and acceptance criteria.
  • Ensure delivery of completed security capabilities including validation documentation testing and operational readiness.
  • Maintain subjectmatter expertise in product security standards vulnerability management practices and security maturity models.

Leadership and Management

  • Directly manage the Information Security Manager and assigned security staff.
  • Provide coaching mentorship and performance management aligned with evolving security and regulatory demands.
  • Coordinate crossfunctional execution of security initiatives across IT engineering and product organizations.
  • Escalate risks compliance gaps and resource constraints to the Vice President Technology and Information Security.
  • Support workforce planning capability development and scaling of operational and product security functions.

Qualifications

  • Bachelors degree in Computer Science Engineering Information Systems Cybersecurity or a related field; advanced degree preferred.
  • Seven or more years of experience in information security cybersecurity IT risk or product security roles.
  • Handson experience with security governance frameworks and compliance programs such as ISO27001 NIST SOC and emerging product security regulations.
  • Demonstrated experience working closely with engineering and product teams on secure development lifecycle and vulnerability management.
  • Familiarity with product security regulations including the Cyber Resilience Act or equivalent global frameworks.
  • Strong analytical organizational and communication skills with the ability to translate regulatory requirements into actionable controls.
  • Proven ability to manage multiple initiatives influence crossfunctional stakeholders and drive execution in a global environment.

Required Experience:

Manager

OverviewAtST Engineering iDirect were reshaping the future of global connectivity. As a leader in satellite communications our groundbreaking technology empowers customers to grow innovate and transform their networks. Here your skills and passion meet our vision and expertise to create something ex...

About Company

Company Logo

ST Engineering iDirect is the global leader in satellite communications, providing satellite technology and communication solutions.

View Profile View Profile