[Hiring] Senior Manager – Information Security & Global Compliance @Jensen Hughes

Role Description

We are hiring a Senior Manager – Information Security & Global Compliance to drive the organization’s security posture by translating security policies, global compliance requirements, and risk frameworks into actionable execution across IT, Enterprise Applications, Cloud, and Digital teams. This is a hands-on leadership role that combines technical depth, cross-functional influence, and execution discipline. You will lead security initiatives including:

• Vulnerability management
• Endpoint security
• Identity governance
• Global compliance (CMMC, NIST, regional requirements)

Ensuring security and compliance are embedded into daily operations—not treated as separate functions.

Responsibilities

• Security strategy & execution:
  • Translate security policies and frameworks into practical implementation plans across IT, EA, and Cloud teams
  • Drive execution of key initiatives:
    • Vulnerability management
    • Patch compliance
    • Endpoint security
    • Identity & access management
  • Establish and enforce security standards across systems and platforms
• Global compliance & governance:
  • Lead implementation of global compliance frameworks:
    • CMMC
    • NIST 800-171 / NIST CSF
    • Regional regulatory requirements (e.g., GDPR, UK/EU compliance)
  • Translate controls into operational processes and technical enforcement
  • Ensure audit readiness, evidence collection, and control validation
  • Maintain consistency of compliance practices across global teams
• Vulnerability & risk management:
  • Own vulnerability management program
  • Define remediation SLAs and track execution
  • Partner with IT, Cloud, and Application teams to drive remediation
  • Provide clear reporting on risk posture and trends
• Cross-functional leadership:
  • Act as the bridge between InfoSec, IT, EA, Cloud, and regional teams
  • Drive accountability without direct authority
  • Embed security into system design, delivery, and operations
• Identity & endpoint security:
  • Oversee identity governance and access control models (least privilege, RBAC)
  • Ensure endpoint security and system hardening standards are implemented
  • Partner with IT to enforce secure configurations
• Security & compliance reporting:
  • Define and track key metrics
  • Vulnerability remediation timelines
  • Patch compliance rates
  • Control effectiveness
  • Deliver executive-level reporting on global security posture
  • Highlight risks, gaps, and remediation progress
  • Track and report key security metrics
• Vendor security:
  • Evaluate vendor security and compliance posture
  • Ensure security requirements are included in onboarding and renewals
  • Partner with procurement and IT to manage third-party risk
• Team leadership:
  • Manage and coach a team of 2 InfoSec professionals
  • Set priorities and ensure execution of security and compliance initiatives
  • Drive accountability, growth, and performance within the team

Qualifications

• 12+ years of experience in Information Security
• Strong hands-on experience in:
  • Vulnerability management in Rapid7
  • Endpoint security and patching
  • Identity and access management
• Proven experience implementing:
  • CMMC
  • NIST 800-171 / NIST CSF
• Experience driving execution across multiple teams and functions
• Strong understanding of IT infrastructure, cloud environments, and enterprise systems
• Experience managing small teams

Preferred Qualifications

• Experience in global organizations with multi-region compliance requirements
• Familiarity with:
  • GDPR or regional data protection laws
  • GCC High / secure enclave environments
• Experience supporting audits and regulatory assessments
• Certifications:
  • CISSP
  • CISM
  • Security+

Key Outcomes

• Measurable improvement in vulnerability remediation timelines
• Improve overall security posture through Policy and Procedures
• Strong, audit-ready compliance posture (CMMC, NIST, global frameworks)
• Clear and consistent executive reporting
• Improved collaboration across IT, Application, Cloud, and Security teams
• Effective development and performance of direct reports

Benefits

• Competitive total rewards package
• Retirement plan
• Healthcare coverage
• Broad range of other benefits