
Information Security Manager
Posted Jun 19

Posted Jun 19
This is a fully remote position, open to applicants in Illinois.
• Oversee and implement the organization’s information security program, which encompasses policies, procedures, controls, security standards, risk assessments, remediation tracking, and continuous security enhancements.
• Conduct daily security operations, including monitoring security tools, analyzing alerts, investigating unusual activities, coordinating responses, managing vulnerabilities, and enhancing detective and preventive measures.
• Evaluate, implement, and sustain security controls across enterprise systems, such as infrastructure, endpoints, identity platforms, cloud environments, field service applications, mobile devices, as well as the Microsoft Azure and Microsoft 365 ecosystems.
• Maintain and oversee the organization’s incident response protocol. Analyze security incidents, coordinate containment and remediation efforts, document events, and collaborate with internal teams and external partners as necessary.
• Recognize and mitigate cybersecurity risks associated with field service scheduling systems, mobile device usage, remote workforce access, geographically dispersed operations, and field technician workflows.
• Conduct or coordinate vulnerability assessments, risk reviews, security control evaluations, and remediation activities. Prioritize findings based on business impact, likelihood, and operational risk.
• Enhance identity and access management practices, including user access reviews, privileged access controls, multi-factor authentication, conditional access, endpoint security, and device compliance.
• Configure, monitor, and enhance security across Microsoft Azure and Microsoft 365 environments, including Entra ID, Defender, Purview, Exchange Online, SharePoint, Teams, Intune, and other related security capabilities.
• Assist with disaster recovery and business continuity planning from a cybersecurity standpoint. Support backup protection, recovery testing, ransomware preparedness, and resilience planning.
• Maintain security documentation, policies, procedures, standards, risk registers, audit evidence, and compliance-related materials. Ensure alignment with relevant cybersecurity best practices and business requirements.
• Foster a practical security awareness culture throughout the organization, including field technicians, office staff, operations teams, and business users. Support phishing simulations, user education, and security communications.
• Assist with security assessments of vendors, service providers, software platforms, and third-party integrations. Monitor risks and coordinate follow-up remediation as needed.
• Collaborate closely with infrastructure, applications, service desk, operations, and business stakeholders to identify security requirements, resolve issues, and implement effective security enhancements.
• A minimum of 5+ years of hands-on experience in cybersecurity, information security, infrastructure security, systems administration, or a related technical field.
• Proven ability to manage and execute essential security functions independently without relying on a large internal security team.
• Strong technical expertise in incident response, vulnerability management, endpoint security, identity and access management, security monitoring, and threat mitigation.
• Comprehensive understanding of cybersecurity principles, common attack techniques, security controls, risk management, and infrastructure hardening.
• Practical experience in securing Microsoft Azure and Microsoft 365 environments, including developing and maintaining automation scripts.
• Familiarity with Microsoft security tools such as Microsoft Defender, Entra ID, Intune, Purview, Sentinel, or similar technologies is preferred.
• Experience in supporting security in environments with remote workers, mobile devices, distributed locations, or field service operations is highly desirable.
• Ability to assess security risks and suggest practical, business-aligned remediation measures.
• Strong documentation skills, including the ability to maintain policies, procedures, standards, incident records, and risk registers.
• Comfortable communicating security topics to both technical and non-technical audiences.
• Ability to work autonomously, prioritize effectively, and drive security initiatives to completion.
• Experience with disaster recovery, business continuity, backup protection, and ransomware preparedness is preferred.
• Security certifications such as CISSP, CISM, CISA, Security+, CySA+, GSEC, or similar are preferred but not mandatory.
• Certifications in infrastructure, cloud, or Microsoft are advantageous.
• 401(k) plan with company match
• Medical insurance
• Dental insurance
• Vision insurance
• FSA/HSA
• PerkSpot
• Long-Term Disability and Life Insurance
• Paid time Off
• Tuition Reimbursement (after one year of service)
FlexPoint
True Footage
Division of Student Life at the University of Tennessee, Knoxville
Get handpicked remote jobs straight to your inbox weekly.