Senior Info Security Manager

What's the role?

The Trust organization secures HERE’s data, products and services, ensures best-in-class security, privacy, and compliance for customers, partners, and employees, while protecting the organization against physical and virtual threats. Trust is a globally distributed team of security and privacy professionals focus to enable HERE’s strategic priorities and expanding customer base by assessing and mitigating technology risk.

The Risk Governance team is a globally distributed team of cyber risk professionals working together to secure and govern the world’s preeminent location data ecosystem and platform. The Senior Manager of Risk Governance is responsible for managing, maintaining, and maturing the cyber risk governance and assurance program, maturing HERE’s compliance with laws and certification frameworks, and advancing: customer security due diligence, supplier risk management, application security and assurance, open-source compliance, and information security risk management programs.

This individual will work directly with teams across the company, particularly Development, Product, IT, Legal, and Finance teams, to develop location-based services that comply with customer and HERE requirements. This role will require a strong ownership mindset, data-backed decision-making, and rapid adaptability to changing priorities. The individual that fills it will be responsible for managing several critical business functions for HERE.

• Lead and manage HERE’s Risk Governance function, encompassing cyber risk, supplier risk, application security, privacy, and enterprise security training and awareness.
• Direct a global team of technical and non-technical professionals, providing coaching, leadership, and strategic direction.
• Implement and leverage enterprise tools (e.g., Jira, Splunk, Power Automate) to automate risk identification, assessment, and reporting.
• Drive customer and supplier trust assurance, including due diligence, security reviews, and compliance with regulatory and contractual obligations.
• Conduct and communicate risk assessments to senior leadership, aligning with HERE’s risk appetite and enterprise risk management strategy.
• Maintain and evolve cybersecurity maturity models, policies, and standards in alignment with frameworks like ISO 27001, SOC 2, and HITRUST.
• Integrate and scale trust assurance processes, ensuring efficient, compliant reviews of internal applications and third-party solutions.

Who are you?

• 9+ years of experience balancing business opportunity with technology risk, with a strong focus on cybersecurity and privacy.
• Proven success navigating and complying with major security frameworks, including ISO 27001, SOC 2, TISAX, NIST, and FedRAMP.
• Strong grasp of cloud technologies and development practices, particularly within AWS environments.
• Effective use of GenAI and data experimentation to streamline operations and support evidence-based decision-making.
• Skilled communicator, adept at translating complex technical risks into clear business insights for executive stakeholders.
• Experienced in leading diverse, globally distributed teams to deliver results in complex, matrixed organizations.
• Bachelor’s degree in a relevant business or technical field.

The expected base salary range for this position is $170,000 to $240,000 per year. Actual compensation will be based on factors such as skills and experience. 

This position is also eligible for a target annual performance bonus, which is subject to company and individual performance.

Life at HERE comes with generous benefits to support your health and overall wellness. Benefits available to US-based HERE employees include health (Medical/Dental/Vision) insurance, retirement savings plans, paid time off & leave policies. 

Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, HERE will consider for employment qualified applicants with arrest and conviction records.

HERE is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, age, gender identity, sexual orientation, marital status, parental status, religion, sex, national origin, disability, veteran status, and other legally protected characteristics.

Under Section 503 of the Rehabilitation Act of 1973 and VEVRAA, we have developed an affirmative action program (AAP) for individuals with disabilities and protected veterans. Portions of the AAP are available for review by applicants and employees through our People Team.

#LI-AG3

Who are we?

HERE Technologies is a location data and technology platform company. We empower our customers to achieve better outcomes – from helping a city manage its infrastructure or a business optimize its assets to guiding drivers to their destination safely.

At HERE we take it upon ourselves to be the change we wish to see. We create solutions that fuel innovation, provide opportunity and foster inclusion to improve people’s lives. If you are inspired by an open world and driven to create positive change, join us. Learn more about us on our YouTube Channel.