Senior Manager, Information Security

Frontline Road Safety Group is the undisputed North American pavement marking leader. Our company, owned by Bain Capital, proudly provides customers with unparalleled customer service and the use of innovative technology to ensure timely and value-added our time of growth, we are currently looking to add a Senior Manager of Information Security to our Denver HQ team. This is an on-site position in our downtown Denver headquarters. We are not considering relocation for out of state candidates or candidates who are not in metro Denver.Pay Range Commensurate With Experience: $140-$160KCollaborates With: MSP/MDR, IT Operations, HR, Legal, Compliance, Business UnitsRole OverviewReporting to the Chief Information Officer, the Senior Manager of Information Security serves as the organization’s key cybersecurity authority, responsible for establishing, managing, and continually enhancing a robust, enterprise-wide information security and data privacy program. This role provides strategic direction, ensures regulatory compliance, leads incident response efforts, and fosters a strong security culture across the enterprise. The role also governs relationships with third-party vendors and managed security partners and drives business-aligned risk management and resiliency efforts.Key ResponsibilitiesStrategic Leadership & GovernanceDevelop, implement, and maintain the organization's information security and data privacy strategy, policies, and governance framework, aligning with frameworks such as NIST CSF 2.0 and CIS Controls.Serve as a trusted advisor to leadership on cyber risk, compliance obligations (e.g., PCI, CJIS), and emerging threats.Establish and manage key performance indicators (KPIs) and dashboards to measure program effectiveness and foster continuous improvement.Develop and communicate a strategic vision for the security program that balances business enablement with risk mitigation.Security Operations & Incident ResponseLead incident response efforts, exercises, and investigations in collaboration with the MSP/MDR Security Operations Center (SOC).Coordinate real-time monitoring, triage, and response to security alerts and vulnerabilities.Monitor and oversee the organization’s Disaster Recovery (DR) and Business Continuity Plans (BCP), ensuring readiness through regular testing.Lead enforcement and tuning of core security platforms, including EDR (SentinelOne), SIEM (Rapid7 MTC), and the secure email gateway (Checkpoint Harmony).Risk Management & ComplianceImplement third-party vendor risk management program, including onboarding security reviews and continuous monitoring.Conduct and oversee regular security and risk assessments of infrastructure, applications, and new technologies.Monitor and ensure compliance with data privacy and cybersecurity regulations, participating in audits, litigation holds, and access reviews.Implement controls and tracking mechanisms for compliance with frameworks like NIST, ISO, and Privacy Laws like PRA/CCPA (California), and CPA (Colorado) to name a few, and sector-specific mandates.Security Architecture & Technology OversightEvaluate and implement advanced security solutions (e.g., DLP, SASE, CASB, PAM, CSPM, LAPS) to enhance the organization's risk posture.Collaborate with other IT teams to secure infrastructure, cloud services, and applications through defense-in-depth strategies.Define and enforce technical security standards, including secure configuration baselines and secure coding guidelines.Own oversight for external access controls, firewall policy governance, DNS protection, DMARC/SPF, and log management.Security Awareness & Culture BuildingLead and enhance the Security Awareness Training (SAT) program (e.g., KnowBe4), including phishing simulations and compliance reporting.Advocate for a security-first culture across IT and business teams through ongoing engagement, communication, and training.Drive remediation campaigns based on audit findings or security control gaps identified.Key Tools & PlatformsFunctionTools / PartnersSIEM/SOCRapid7 MTC (IDR, IVM) – MDR ProviderEndpoint DetectionSentinelOne (S1)Email SecurityCheckpoint Harmony SEGSAT/PhishingKnowBe4Log ManagementMSP – Log Source ManagementDNS, SPF, DMARCMSP – Configuration ManagementQualifications:Education: Bachelor’s degree in Information Security, Computer Science, or related field (Master’s).Experience: 5+ years in information security leadership roles, with expertise in managing enterprise-wide programs in federated, M&A, or regulated environments.Certifications: CISSP, CISM, or equivalent strongly.Technical Proficiency: Deep knowledge of risk management, security technologies, and compliance frameworks (NIST, CIS, ISO).Business Acumen: Ability to balance cybersecurity strategy with business growth goals, using risk-based munication Skills: Strong ability to articulate security concepts to non-technical stakeholders and executive leadership.Leadership: Experience managing cross-functional teams and vendor relationships, including MDR governance and performance measurement.What Success Looks Like?A measurable reduction in organizational cyber risk through improved controls and visibility.Security events are detected, contained, and remediated with minimal business disruption.A well-established, compliant, and auditable information security program.A workforce that demonstrates security awareness and embraces shared accountability.Security technologies are optimized and integrated across IT towers and business recognition of your commitment to us, Frontline Road Safety Group offers the following:SAFETY FIRSTWork for an industry leader in pavement marking that puts the safety of their employees at the highest priority.WE ARE GROWINGFrontline Road Safety is already North America’s leader in pavement marking, but we are not slowing down. We are continuing to grow our footprint and expand our operation. It’s an exciting time to be with us!COMPETITIVE PAY/BENEFITS PACKAGEPay range will be commensurate with knowledge/skills/abilities but should fall in the range of $140K-160K.Excellent medical, dental, vision, life insurance and 401(k) benefits including a company matchFrontline Road Safety Group is an equal opportunity employer. We are committed to creating an inclusive environment for all employees. #J-18808-Ljbffr

Created: 2025-09-23