Information Security Manager

About Payscale As the industry leader in compensation management, Payscale is on a mission to help job seekers, employees, and businesses get pay right and to make sustainable fair pay a reality. Empowering more than 65% of the Fortune 500, Payscale provides a combination of diverse and dynamic data sources, experienced compensation services, and scalable software to enable organizations such as Angel City Football Club, Panasonic, Mars Global, eBay, American Airlines and PetSmart to make fair and appropriate pay decisions.Pay is powerful. To learn more, visit www.payscale.com.Location Payscale Romania has an employee centric hybrid model that provides you the flexibility to do your best work in a space that supports you, while also finding time to collaborate in person in our office for the moments that matter.In our hybrid model, employees can work from the location that works best for them when not in the office. Payscale has employees across the US, Canada, UK and currently hiring in Romania.The roleAs a Security Manger at Payscale, you will:

• Lead and mentor a team of Information Security Engineers, fostering growth and career development.
• Oversee platform security initiatives in collaboration with Infrastructure, Engineering, and Platform teams.
• Manage security for hybrid workload architectures, including Windows, Linux, serverless environments, and Kubernetes.
• Secure cloud & hybrid hosting environments, including WAFs, VPCs, network security groups, and firewalls in AWS, Azure, and colocation datacenters.
• Develop and implement operational metrics and KPIs to continuously improve security engineering practices.
• Conduct cloud environment hardening based on best practices and frameworks such as CIS Benchmarks and NIST.
• Manage vulnerabilities using native and third-party tools and coordinate remediation strategies.
• Deploy and manage security tools (e.g. AppArmor, auditd, CNAPP, EDR, sysinternals) to enhance platform security.
• Ensure secure implementation of encryption key and secrets management processes.
• Integrate DevOps and DevSecOps principles to secure CI/CD pipelines and development workflows.
• Ensure secure code to release process is in place covering application and system lifecycles.
• Collaborate on security architecture strategy for containerized applications and Kubernetes environments.
• Support incident response processes, including security incident management for hosting and application platforms.
• Partner with Information Security leadership to align on cross-team goals and strategic initiatives.

Skills

• Bachelor’s Degree in Information Security, Computer Science, or Computer Engineering.
• Minimum of 10 years of experience in Information Security, with a focus on cloud hosting and infrastructure security.
• Minimum of 5 years as a people manager with at least 3 direct reports.
• Strong project management skills, including scoping, requirements gathering, scheduling, and capacity planning.
• Extensive experience with cloud platforms (AWS, Azure, Google Cloud) and their associated security configurations. Relevant certifications (e.g., AWS Certified Security Specialty, Azure Security Engineer Associate) are a plus.
• Experience managing security in regulated and audited environments (SOC2, ISO 27001, PCI, HIPAA, StateRAMP).
• In-depth knowledge of cloud-native security tools, vulnerability management, and encryption technologies.
• Familiarity with frameworks such as CIS, NIST, and best practices for hosting providers.
• Strong understanding of DevSecOps principles, including securing CI/CD pipelines and workflows.
• Excellent communication and leadership skills, with a demonstrated ability to collaborate cross-functionally.
• Information Security Management certification (CISSP, CISM) is preferred.

Benefits and Perks All around awesome culture where together we strive to live our 5 values:

• Respect every individual, work as a team
• Be Customer first, customer centric
• Have a Bias towards action
• Commit to excellence (we give our best everyday)
• Make Data driven decisions

An open and inclusive environment where you’ll learn and grow through programs and resources like:

• Monthly company All Hands meetings
• Regular opportunities for executive leadership exposure through things like AMAs
• Access to continued learning & development opportunities
• Our commitment to a continuous feedback culture which allows us to drive performance and career growth
• A growing network of Employee Resource Groups
• Company sponsored volunteer hours
• And more!

Equal Opportunity EmployerWe embrace equal employment opportunity. Payscale is committed to a policy of equal employment opportunity for all applicants and employees. It is our policy that employees will not be subjected to unlawful discrimination on the basis of race, color, religion, sex, age, national origin, or ancestry, physical or mental disability, veteran or military status, marital status, sexual orientation, political ideology, and any other basis protected by federal, state, or local laws. This policy applies to all terms and conditions of employment, including but not limited to: recruitment, hiring, transfers, promotions, training, discipline, termination, compensation and benefits, performance appraisals, education, and social and recreational programs.We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates, so please don’t hesitate to apply — we’d love to hear from you.If you have a disability or impairment and need assistance with the application process, please email recruiting@payscale.com for support.Fraud AlertPayscale values security and privacy. During your job application and interview process, we will never ask for your personal banking or financial information, social security number, or other sensitive information, if you are unsure if a message is from Payscale, please email recruiting@payscale.com