Job Description

SecPod is a leading cybersecurity technology company committed to preventing cyberattacks through proactive security. Its mission is to secure computing infrastructure by enabling preventive security posture.
At the core of SecPod's offerings is the Saner Platform - a suite of solutions that help organizations establish a strong security posture to preempt cyber threats against endpoints, servers, network and cloud infrastructure, as well as cloud workloads. With its cutting-edge and comprehensive solutions, SecPod empowers organizations to stay ahead of evolving threats and build a resilient security framework.
Saner Platform includes Saner CVEM, an enterprise-grade vulnerability and compliance management for endpoints and IT infrastructure, and Saner Cloud, an AI-fortified cloud security, workload protection, and risk mitigation for multi-cloud environments.

Learn More About SecPod

https://secpod.com/about-us

About the Role

We are seeking a proactive and experienced Information Security Manager to lead and oversee the organization's daily InfoSec operations. This role is central to maintaining our security posture through continuous monitoring, real-time incident detection and response, and effective use of security tools and processes.

You will be responsible for planning, implementing, and maintaining security measures to safeguard digital assets, systems, and networks. The scope includes managing and optimizing tools such as SIEM, endpoint protection platforms, and NextGen AV solutions, as well as driving vulnerability management, patching, and compliance readiness.

This role is ideal for someone with a strong technical foundation, leadership capabilities, and a proven ability to translate security strategy into effective daily execution.

Required Qualifications:

8+ years of experience in Information or IT Security, with at least 3 years in a leadership or managerial capacity. Expertise in InfoSec operations, incident response, and regulatory compliance (e.g., SOC 2, ISO 27001, GDPR). Solid understanding of cybersecurity principles, risk management, and enterprise IT infrastructure. Hands-on experience with SIEM, EDR, vulnerability scanners, DLP, and cloud security tools. Deep familiarity with security frameworks and standards (NIST, ISO, CIS Controls). Strong understanding of system and web application vulnerabilities, including OWASP Top 10. Demonstrated ability to create and maintain security policies, procedures, and architecture documentation. Excellent analytical and problem-solving skills; able to prioritize and manage multiple competing tasks. Strong leadership, project management, and stakeholder communication skills. Comfortable working in a fast-paced, evolving environment.

Key Responsibilities:

Operational Security & Monitoring

Continuously monitor networks, endpoints, and cloud infrastructure using SIEM and security tools. Investigate security alerts, anomalies, and potential threats in real-time. Lead and coordinate incident response, including containment, remediation, and root-cause analysis. Maintain and update incident playbooks, ensuring swift and effective responses. Ensure vulnerability scanning and patch management are executed on schedule with full validation.

Security Infrastructure & Tool Management

Manage and optimize the configuration of SIEM, EDR, DLP, IAM, IDS/IPS, and endpoint protection platforms. Improve detection and alerting capabilities through regular tuning and tool enhancement. Ensure tools are integrated effectively across on-prem and cloud environments.

Governance, Risk & Compliance

Enforce and monitor adherence to internal security policies, procedures, and standards. Ensure compliance with industry frameworks and regulations such as SOC 2, ISO 27001, GDPR, HIPAA, and PCI-DSS. Maintain accurate and up-to-date documentation of security controls, audits, and incidents. Support audit preparation and assessments, addressing gaps and remediation actions.

Reporting & Metrics

Develop daily/weekly dashboards to report on security posture, incidents, patch status, and audit findings. Present metrics, trends, and risk insights to Head of Security & executive leadership.

Collaboration & Team Leadership

Mentor and guide junior security team members, promoting skills growth and accountability. Collaborate with IT, DevOps, and business units to align security with organizational goals.

Security Awareness & Culture

Design and deliver ongoing security training programs for staff. Promote a strong, security-first culture across all departments.

Vendor & Third-Party Security

Evaluate and monitor third-party vendors for potential security risks. Collaborate with legal and procurement teams to ensure secure contracts and SLAs are enforced.

Preferred Qualifications:

Experience with automation using Python, PowerShell, or Bash. Exposure to DevSecOps and secure SDLC practices. * Familiarity with multi-cloud security (AWS, Azure, GCP).