Information Security Manager

Information Security Manager

Location: Remote, US Job Type: Full-Time

About Telestream

For over 25 years, Telestream has been redefining how the world creates, delivers, and monetizes video. As a leader in media workflow automation, video processing, quality monitoring, and live streaming solutions, we empower the biggest names in media, entertainment, and technology-including CBS, BBC, CNN, FOX, and Comcast-to deliver flawless video experiences.

At Telestream, we're not just shaping the future of video-we're also reimagining the future of work. Our fully remote workforce spans 25 countries, giving our employees the flexibility to work from anywhere while staying connected through a strong, employee-focused culture. We believe in autonomy, collaboration, and work-life balance, offering a generous benefits package designed to support your well-being and success.

We are looking for an Information Security Manager to drive our cybersecurity, risk management, and compliance efforts, ensuring that Telestream remains secure, compliant, and resilient against evolving cyber threats.

About the Role

As the Information Security Manager, you will be responsible for managing Telestream's security operations, compliance programs (SOC 2, GDPR, ISO 27001), data protection strategies, and incident response procedures. This role plays a critical part in our cybersecurity posture by identifying risks, mitigating threats, and ensuring regulatory compliance across all business operations. You will also support the RFI/RFP process, providing security documentation and responses to customer inquiries about Telestream's security policies and practices.

This role reports to the Director of Information Security and works closely with IT, Engineering, Legal, and Business teams.

Key Responsibilities

Cybersecurity & Threat Management

• Oversee security operations, including monitoring, threat detection, and incident response.
• Lead vulnerability management, penetration testing, and security risk assessments to identify and mitigate threats.
• Manage endpoint security, cloud security, identity & access management (IAM), and network security tools.
• Develop and enforce cybersecurity policies, standards, and best practices across the organization.

Risk Management & Compliance

• Ensure compliance with SOC 2, GDPR, ISO 27001, and other relevant security frameworks.
• Lead security audits, risk assessments, and governance processes to meet regulatory and customer requirements.
• Partner with Legal and IT teams to review contracts, security agreements, and third-party risk assessments.
• Maintain business continuity and disaster recovery (BC/DR) security strategies.

Incident Response & Security Awareness

• Develop and manage incident response plans, ensuring quick remediation of security threats and breaches.
• Conduct security awareness training programs to educate employees on phishing, social engineering, and cyber hygiene.
• Lead forensic investigations in the event of a security breach or compliance violation.

Security Documentation & Customer RFI/RFP Responses

• Respond to RFI (Request for Information) and RFP (Request for Proposal) security inquiries from customers and partners.
• Develop and maintain security documentation, policies, and reports for audits, compliance, and legal requirements.
• Work closely with Sales and Customer Success teams to communicate Telestream's security posture to enterprise customers.

Qualifications & Skills

Required Experience:

• 5+ years of experience in cybersecurity, information security, or IT risk management.
• Hands-on experience with security operations, threat detection, incident response, and risk mitigation.
• Knowledge of SOC 2, GDPR, ISO 27001, NIST, and CIS security frameworks.
• Strong experience with security tools such as SIEM, firewalls, EDR, IDS/IPS, IAM, and cloud security solutions.
• Experience in RFI/RFP security response management for enterprise customers.
• Ability to conduct vulnerability assessments, penetration testing, and security audits.
• Experience securing cloud environments (AWS, Azure, or GCP).

Preferred Skills:

• Certifications (CISSP, CISM, CRISC, or equivalent) highly desirable.
• Strong technical writing skills for security policies, compliance documentation, and customer security questionnaires.
• Familiarity with media and streaming security challenges, such as content protection and DRM.