IT Information Security Manager

We are better together!!! And we hope that includes you!!! We’re a community of problem solvers passionate about helping clients take their sales to the next level. We develop tools that reinvent the way products get into the hands of consumers across the globe.

Overview:

The Candidate

Our ideal candidate is a seasoned Information Technology Security Manager with a passion for ensuring the security of systems, data and information assets. You have an entrepreneurial spirit, infectious personality, and the ability to earn instant rapport with internal and external clients. The right candidate learns fast, is self-motivated, and wants to grow while contributing to the success of the team.

The Culture

SmartCommerce team members are passionate go-getters who wake up excited about helping our amazing clients. We are a "Family First" organization where our families at home, work-family, and clients are all a priority. We believe that when SmartCommerce's cultural beliefs align with yours, success will follow.

What we do

At SmartCommerce, we’re a community of problem solvers passionate about helping clients take their sales to the next level! We develop tools that reinvent the way products get into the hands of consumers across the globe.

Your compensation and benefits

The salary range for this position is $125,000 to $160,000 per year. This depends on a number of factors, including your skills and experience. This role is fully remote with the expectation that you will work from the city and state you are hired in. There may be some business travel on rare occasions. This role offers a comprehensive suite of benefits shared in more detail below.

Job Summary

The Information Security Manager will lead and manage the team responsible for ensuring the security of the organization's systems and information assets. This role will oversee the development and implementation of security systems, guidelines, and strategies, and implement processes and procedures to protect the organization against unauthorized access, use, disclosure, disruption, modification, and/or destruction. The manager will conduct and review audits and risk assessments, evaluate internal operations and controls, and oversee the migration of non-compliant environments to compliant environments. This role ensures compliance with data protection guidelines and applicable laws, championing a culture of security throughout the organization.

This is a hands-on individual contributor role responsible for tactical as well as management tasks.

Core Responsibilities:

• Manages the team responsible for ensuring the security of the organization's systems and information assets.
• Oversees the development and implementation of security systems, guidelines, and strategies.
• Implements processes and procedures to protect the organization against unauthorized access, use, disclosure, disruption, modification, and/or destruction. 
• Conducts and reviews audits and risk assessments.- Reviews and evaluates internal operations and controls. 
• Oversees the migration of non-compliant environments to compliant environments.
• Ensures compliance with data protection guidelines and applicable laws.
• Develop, implement, and maintain a robust corporate compliance program that covers all relevant laws, regulations, and ethical standards, including data privacy (e.g., GDPR, CCPA, state-specific laws), industry-specific regulations, and general business conduct. 
• Define, establish, and continuously improve SmartCommerce's information security strategy, policies, and procedures to protect company and client data assets from internal and external threats.
• Lead risk assessments and develop mitigation strategies for compliance and security risks, including operational, reputational, legal, and financial exposures. 
• Oversee the development and delivery of comprehensive compliance and security training programs for all employees to foster a culture of awareness and accountability. 
• Manage and respond to internal and external audits related to compliance, security, and data privacy, serving as the primary point of contact and ensuring satisfactory outcomes.
• Stay abreast of evolving regulatory landscapes, industry best practices, and emerging threats in data privacy, cybersecurity, and corporate governance, advising executive leadership on potential impacts and necessary adjustments.
• Develop and manage incident response plans for security breaches and compliance violations, leading investigations and remediation efforts.
• Collaborate closely with relevant departments, including by not limited to: Product, Engineering, Data Operations, and Sales teams to ensure that new products, features, and business initiatives are designed and launched with "privacy by design" and "security by design" principles embedded from the outset.
• Oversee third-party vendor risk management programs related to data security and compliance.
• Establish and manage relevant certifications (e.g., SOC 2) and compliance frameworks pertinent to SmartCommerce's business. 
• Prepare and present regular reports on compliance and security posture, incidents, and initiatives to the executive team and others as needed. 
• Lead, mentor, and potentially build a team of compliance and security professionals as the company grows.
• Manage non-platform infrastructure, including user technical support, access requests, terminations, etc.
• Other responsibilities may be added.

Skills:

• Strong knowledge of information security frameworks (e.g., NIST, ISO 27001, SOC 2) and cybersecurity best practices. 
• Proven track record of developing and managing effective security programs in a dynamic environment.
• Experience with risk assessment methodologies and GRC (Governance, Risk, and Compliance) platforms.
• Excellent leadership, strategic thinking, analytical, and problem-solving skills. 
• Superior communication (written and verbal), negotiation, and interpersonal skills, with the ability to influence and align diverse stakeholders.
• Demonstrated ability to manage crisis situations and lead incident response effectively.
• Relevant certifications such as CISSP, CISM, or CompTIA Security+ are highly desirable.
• Deep expertise in global data privacy regulations (e.g., GDPR, CCPA, LGPD) and experience implementing robust privacy programs.
• Familiarity with the e-commerce, retail technology, or advertising technology ecosystem is a significant plus.

Experience: and Education Requirements:

• Education Requirement: Bachelor's degree in Computer Science, Information Security, or a related field.

• Experience Requirement: 7+ years of progressive experience in information security, with at least 3-5 years in a management or leadership role.

Physical Requirements

• Prolonged periods of sitting and/or standing at a desk and working on a computer.

Travel Requirements, Weeknight or Weekend Work

• Less than 10%.

OUR EEO STATEMENT

We are an equal opportunity employer. We encourage applications from all qualified individuals without regard to race, color, religion, gender, sexual orientation, gender identity or expression, age, national origin, marital status, citizenship, disability, veteran status and record of arrest or conviction, or any other characteristic protected by applicable law. Black people, Indigenous people, people of color; lesbian, gay, bisexual, transgender, queer, and intersex people; women; people with disabilities, protected veterans, and formerly incarcerated individuals are all strongly encouraged to apply. We seek a diversity of experience and skills for our workplace and encourage people from all backgrounds to apply to our openings.

Please note: Applicants must be authorized to work for ANY employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time.

At SmartCommerce, we value and reward our team's dedication and hard work. We provide a competitive base salary commensurate with your qualifications and experience. As an employee, you'll also enjoy a comprehensive benefits package, including medical, dental, and vision insurance, a 401(k) plan, supplementary benefits, paid time off, and professional development opportunities.

Benefits:

• Health Care Plans (Medical, Dental & Vision)
• Retirement Plan (401k, Profit Sharing)
• Life Insurance (Basic, Voluntary & AD&D)
• Long-Term Disability
• Short- Term Disability
• Paid Time Off (Vacation, Sick & Public Holidays)
• Family Leave (Maternity, Paternity)
• Work From Home
• Wellness Resources