CrawlJobs Logo

Information Security Program Manager

United States, Washington, District of Columbia · Job Posted February 13, 2026
Apply Position
Job Link Share

Job Description

The Information Security Program Manager provides overall leadership, management, and execution oversight for the SAMHSA Cybersecurity and Privacy Support Program. This role serves as the primary contractor interface to the CIO, CISO, SAOP, and COR, ensuring all cybersecurity services are delivered in accordance with federal, HHS, and SAMHSA requirements. The Program Manager is responsible for driving program maturity, ensuring quality assurance, and aligning technical execution with agency mission objectives.

Job Responsibility

  • Lead contract performance, staffing, scheduling, budget, and risk management
  • Provide strategic direction for FISMA, NIST RMF, CDM, FedRAMP, and DevSecOps initiatives
  • Oversee development of plans, reports, dashboards, and executive briefings
  • Ensure compliance with all cybersecurity and privacy regulatory requirements
  • Support audits, inspections, and regulatory data calls
  • Implement continuous process improvement and cybersecurity program maturity activities

Requirements

  • Bachelor's degree required
  • Minimum 5 years of program or project management experience
  • Minimum 7 years supporting federal cybersecurity programs
  • CISSP, CAP, or CISM required
  • PMP preferred
  • Public Trust clearance required
  • Ability to obtain and maintain clearance is mandatory

Nice to have

PMP preferred

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Information Security Program Manager

8 matching positions

New

Principal Information Security Manager

This is not a build-from-scratch role. It is a step up in maturity: fewer manual...
Location
Location
Germany , Berlin
Salary
Salary:
Not provided
staffbase.com Logo
Staffbase
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on InfoSec experience in a SaaS or B2B tech company
  • Proven ownership of ISO 27001 and/or SOC 2 programs
  • Track record of representing InfoSec to enterprise customers, including security reviews and escalations
  • Must be fluent in German and English
  • Comfortable with AI-driven tooling
  • actively looks for automation opportunities in compliance and operations
Job Responsibility
Job Responsibility
  • Lead ISO 27001 and SOC 2 audit cycles end-to-end
  • Own the control framework
  • Prepare the InfoSec program for investor and M&A due diligence scrutiny
  • Own the response to enterprise customer security questionnaires and RFPs
  • Represent Staffbase in customer security reviews, calls, and audits
  • Build scalable approaches to reduce response time
  • Maintain the risk register and drive risk treatment decisions
  • Own vendor security assessments for critical and high-risk suppliers
  • Partner with Procurement and Legal on AI-assisted review workflows
  • Own the internal security policy framework
What we offer
What we offer
  • competitive compensation including LTIP (unit-based Long Term Incentive Plan)
  • flexible working time models
  • hybrid work option
  • yearly flex work allowance of €1560
  • 31 vacation days annually (incl. one floating holiday)
  • pro rata fully paid Fridays off during August
  • company pension scheme
  • one Volunteers Day per year for supporting a social project
  • Fulltime
Read More
Arrow Right

Information Security Manager

We are looking for a Lab Security Manager who can rise to the complexity of prot...
Location
Location
United States , Austin
Salary
Salary:
152000.00 - 228000.00 USD / Year
amd.com Logo
AMD
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Background in semiconductor, hardware engineering, or other R&D-intensive industries where pre-release IP protection is mission-critical
  • Experience evaluating and securing connectivity to ODC (Outsourced Design Center) or OSAT (Outsourced Semiconductor Assembly and Test) partners, or equivalent third-party manufacturing and engineering partners in the semiconductor supply chain
  • Experience securing AI/ML compute infrastructure, including familiarity with GPU cluster deployments, fabric interconnects, and associated operational environments
  • One or more relevant certifications: CISSP, CISM, GIAC or equivalent
  • Experience working in or alongside a Security Operations Center (SOC), including familiarity with SIEM platforms, UEBA tools, and alert triage workflows
  • Prior experience in a role that required coordination across physical security, IT security, and legal/compliance functions simultaneously
  • BS/MS preferred in related field
  • SANS, MCSE, RHCSS, CISSP, CISA, CISM certification(s)
Job Responsibility
Job Responsibility
  • Define and enforce security standards across global labs and compute facilities
  • Partner with facilities teams to embed security into lab design and operations
  • Maintain site-specific security plans for critical locations
  • Establish security controls for large-scale compute environments (e.g., GPU clusters, AI farms)
  • Enforce network segmentation, monitoring, and anomaly detection
  • Mitigate risks at the intersection of physical and logical access
  • Lead protection of sensitive IP, including pre-release hardware and software
  • Develop insider threat controls and collaborate with HR, Legal, and SOC
  • Manage protocols for handling sensitive assets, visitors, and contractors
  • Ensure compliance with EAR, ISO, NIST, and other frameworks
  • Fulltime
Read More
Arrow Right

Information Security Manager

Implement and maintain information security policies, standards, and procedures....
Location
Location
Egypt , New Cairo
Salary
Salary:
Not provided
ethicshr.com Logo
Ethics HR
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s/Master’s degree in Information Technology, Computer Science, Cybersecurity, or related field from a reputable university
  • Minimum of 8 years of experience in information security, with at least 3 years in a managerial role
  • Strong knowledge of IT security frameworks, CBE cybersecurity guidelines, and regulatory compliance
  • Experience in vulnerability management, incident response, and security operations
  • Excellent analytical, problem-solving, and communication skills
  • Preferred certifications include CISSP, CISM, ISO 27001 Lead Implementer/Auditor, or CEH
Job Responsibility
Job Responsibility
  • Implement and maintain information security policies, standards, and procedures
  • Conduct regular security audits, risk assessments, and vulnerability assessments
  • Monitor security events, investigate incidents, and coordinate remediation activities
  • Collaborate with IT and business teams to ensure secure system design and deployment
  • Maintain and update access control mechanisms, encryption standards, and authentication protocols
  • Ensure compliance with relevant cybersecurity and data protection regulations
  • Provide training and awareness programs to staff on information security best practices
  • Prepare reports on information security metrics, risks, and incidents for senior management
  • Fulltime
Read More
Arrow Right

Principal Information Security Manager

This is not a build-from-scratch role. It is a step up in maturity: fewer manual...
Location
Location
Germany , Berlin
Salary
Salary:
Not provided
staffbase.com Logo
Staffbase
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on InfoSec experience in a SaaS or B2B tech company
  • Proven ownership of ISO 27001 and/or SOC 2 programs
  • Track record of representing InfoSec to enterprise customers, including security reviews and escalations
  • Fluent in German and English
  • Comfortable with AI-driven tooling
  • actively looks for automation opportunities in compliance and operations
Job Responsibility
Job Responsibility
  • Lead ISO 27001 and SOC 2 audit cycles end-to-end in preparation, evidence collection, auditor management, and findings remediation
  • Own the control framework and ensure it stays current as the business evolves
  • Prepare the InfoSec program for investor and M&A due diligence scrutiny
  • Own the response to enterprise customer security questionnaires and RFPs
  • Represent Staffbase credibly in customer security reviews, calls, and audits
  • Build scalable approaches (automation, templates, knowledge base) to reduce response time without sacrificing quality
  • Maintain the risk register and drive risk treatment decisions with relevant stakeholders
  • Own vendor security assessments for critical and high-risk suppliers
  • Partner with Procurement and Legal on AI-assisted review workflows
  • Own the internal security policy framework, keep it current, understandable, and enforced
What we offer
What we offer
  • attractive salary packages including LTIP (unit-based Long Term Incentive Plan)
  • flexible working time models and the option of hybrid work
  • yearly flex work allowance of €1560
  • 31 vacation days annually (incl. one floating holiday)
  • pro rata fully paid Fridays off during August
  • company pension scheme
  • one day off per year for supporting a social project (Volunteers Day)
  • Fulltime
Read More
Arrow Right

Client Information Security Manager (ISM)

The NTT DATA Services Information Security Manager (ISM) oversees and coordinate...
Location
Location
United States , Plano
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 12+ years of relevant experience
  • Strong knowledge of standards / regulations impacting information security (e.g., NIST, ISO, PCI)
  • Experience with information security internal & external audits, contract compliance, and quality initiatives
  • Significant experience in identifying and utilizing a global risk based management model.
Job Responsibility
Job Responsibility
  • Ensure the delivery of information security services to the customer is in compliance with the contract and any applicable standards and regulatory requirements (e.g., PCI, SOX)
  • Collaborate with the client in the definition and implementation of information security policies, strategies, procedures and configurations in order to ensure confidentiality, integrity and availability of client’s environment and data
  • Participate with the customer in the strategic design process to translate security and business requirements into processes and systems
  • Evaluate new / emerging security products and technologies and make recommendations to customer leadership in regards to the security posture impact on the organization
  • Identify, review and recommend information security improvements as they relate to the achievement of the customer’s business goals and objectives
  • Manage and drive remediation efforts related to information security
  • remediation may be from incidents, penetration tests, vulnerability scans, internal/external audits and Critical Practice assessments
  • Identify information security weaknesses and/or gaps in the customer’s current operations and work with the customer to bring information security operations up to standards
  • Participate and represent IT Security in Delivery/Operational meetings
  • conduct an information security operational review meeting with account (e.g., Customer Delivery Executive) and customer (e.g., CISO) key stakeholders with topics including information security status and performance
  • Fulltime
Read More
Arrow Right

Information Security & Program Protection Planning Analyst

Astrion is seeking a highly skilled Information Security & Program Protection Pl...
Location
Location
United States , Huntsville
Salary
Salary:
Not provided
astrion.us Logo
Astrion
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in information systems, Cybersecurity, Engineering, or related field
  • 8+ years of experience supporting DoD acquisition programs with a focus on Program Protection
  • System Security Engineering
  • Acquisition Security / Risk Management
  • Strong working knowledge of DoDI 5200.39, DoDI 5000.02, AFPAM 63-113
  • CPI / Critical Components protection methodologies
  • Experience evaluating acquisition documentation and contractor deliverables
  • Active Top-Secret clearance with ability to obtain SCI
Job Responsibility
Job Responsibility
  • Lead the development and continuous update of Program Protection Plans (PPP) in accordance with DoDI 5200.39, DoDI 5000.02, and AFPAM 63-113
  • Support emerging and legacy Space Sensing satellite programs with tailored protection strategies
  • Ensure alignment of PPPs with Critical Program Information (CPI) and Critical Components (CC) protection requirements
  • Analyze and integrate inputs from Counterintelligence Support Plans (CISP), Integrated Threat Assessments (ITA), System Threat Assessment Reports (STAR), and Operations Security (OPSEC) Plans
  • Translate threat data into actionable protections and mitigation strategies
  • Develop, review, and maintain Anti-Tamper Plans (ATP), Technology Assessment / Control Plans (TA/CP), Security Classification Guides (SCG), and System Security Engineering Management Plans (SSEMP)
  • Ensure compliance with DoD acquisition security policies and lifecycle requirements
  • Evaluate acquisition artifacts for security compliance, including Engineering Change Proposals (ECPs), Configuration Change Proposals (CCPs), and Task Change Proposals (TCPs)
  • Provide written risk assessments addressing cost, schedule, performance, and security impacts
  • Conduct contractor site visits to validate implementation of system security controls
What we offer
What we offer
  • Competitive salaries
  • Continuing education assistance
  • Professional development
  • Multiple healthcare benefits package options
  • 401K with employer matching
  • Competitive time off policy along with a federally recognized holiday schedule
  • Fulltime
Read More
Arrow Right

Principal Information Security Manager

The next chapter is about making it investor-ready, AI-efficient, and capable of...
Location
Location
Germany , Chemnitz
Salary
Salary:
Not provided
staffbase.com Logo
Staffbase
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on InfoSec experience in a SaaS or B2B tech company
  • Proven ownership of ISO 27001 and/or SOC 2 programs
  • Track record of representing InfoSec to enterprise customers, including security reviews and escalations
  • Fluent in German and English
  • Comfortable with AI-driven tooling
  • actively looks for automation opportunities in compliance and operations
Job Responsibility
Job Responsibility
  • Lead ISO 27001 and SOC 2 audit cycles end-to-end in preparation, evidence collection, auditor management, and findings remediation
  • Own the control framework and ensure it stays current as the business evolves
  • Prepare the InfoSec program for investor and M&A due diligence scrutiny
  • Own the response to enterprise customer security questionnaires and RFPs
  • Represent Staffbase credibly in customer security reviews, calls, and audits
  • Build scalable approaches (automation, templates, knowledge base) to reduce response time without sacrificing quality
  • Maintain the risk register and drive risk treatment decisions with relevant stakeholders
  • Own vendor security assessments for critical and high-risk suppliers
  • Partner with Procurement and Legal on AI-assisted review workflows
  • Own the internal security policy framework, keep it current, understandable, and enforced
What we offer
What we offer
  • Competitive Compensation - we offer attractive salary packages including LTIP (unit-based Long Term Incentive Plan)
  • Flexibility - we offer flexible working time models and the option of hybrid work, and support this with a yearly flex work allowance of €1560
  • Recharge - with 31 vacation days annually (incl. one floating holiday), plus pro rata fully paid Fridays off during August
  • Support - we’re offering a company pension scheme
  • Volunteers Day - you’ll get one day off per year for supporting a social project
Read More
Arrow Right

Principal Information Security Manager

We inspire people to achieve great things together. Our mission is to help organ...
Location
Location
Germany , Dresden
Salary
Salary:
Not provided
staffbase.com Logo
Staffbase
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on InfoSec experience in a SaaS or B2B tech company
  • Proven ownership of ISO 27001 and/or SOC 2 programs
  • Track record of representing InfoSec to enterprise customers, including security reviews and escalations
  • Fluent in German and English
  • Comfortable with AI-driven tooling
  • actively looks for automation opportunities in compliance and operations
  • Experience supporting or preparing for M&A or investor due diligence processes
  • Background working alongside Legal, Procurement, and Engineering
  • Practical understanding of cloud security architecture (enough to challenge and validate, not operate)
  • Relevant certification: CISM, CISSP, ISO 27001 Lead Auditor/Implementer, or equivalent
Job Responsibility
Job Responsibility
  • Act as the senior deputy for InfoSec within our Finance & Operations department, owning the function day-to-day
  • Lead ISO 27001 and SOC 2 audit cycles end-to-end
  • Own the control framework
  • Prepare the InfoSec program for investor and M&A due diligence scrutiny
  • Own the response to enterprise customer security questionnaires and RFPs
  • Represent Staffbase credibly in customer security reviews, calls, and audits
  • Build scalable approaches to reduce response time
  • Maintain the risk register and drive risk treatment decisions
  • Own vendor security assessments for critical and high-risk suppliers
  • Partner with Procurement and Legal on AI-assisted review workflows
What we offer
What we offer
  • Competitive Compensation - we offer attractive salary packages including LTIP
  • Flexibility - we offer flexible working time models and the option of hybrid work, and support this with a yearly flex work allowance of €1560
  • Recharge - with 31 vacation days annually (incl. one floating holiday), plus pro rata fully paid Fridays off during August
  • Support - we're offering a company pension scheme
  • Volunteers Day - you'll get one day off per year for supporting a social project
  • Fulltime
Read More
Arrow Right