Listing Description

Alexandra Lozano Immigration Law (ALIL) is seeking an Information Security Manager who will be responsible and help build, manage and lead all functions of Information Security, including Security Operations, Product Security, and GRC. 

As an Information Security Manager, you will be accountable for: 

• Lead the development and implementation of ALIL’'s IT Security Roadmap to an industry aligned information security framework.


• Define and enhance ALIL’'s security awareness program, conducting regular role-based security training for all employees.


• Create and maintain security documents (policies, standards, baselines, guidelines, and procedures) to meet regulatory requirements.


• Stay current with developments in the IT security industry, including new security solutions, processes, and emerging threats.


• Oversee the execution of regular vulnerability assessments, penetration tests, and security audits.


• Establish and improve vulnerability management across the IT organization, including tools, processes, SLAs/SLOs, discovery, and response.


• Stay informed about industry news related to software and hardware vulnerabilities, zero-day exploits, and emergency patch requirements.


• Lead Security Analysts in Incident Response in collaboration with  24x7 SOC partner team.


• Ensure the confidentiality, integrity, and availability of data on enterprise workstations, servers, and systems.


• Coordinate and monitor information security activities organization-wide, providing periodic status and progress reports to relevant parties, leadership, and stakeholders.

To be successful in this role, you should possess: 

• Bilingual English/Spanish


• Bachelor's Degree in information security, computer science, computer engineering, or a related field or equivalent experience.


• 8 years of relevant experience in IT Security or related field.


• 5 years of experience in implementing and managing security solutions.


• 5 years of infrastructure-related experience (e.g., network, server, endpoint) is preferred.


• Experience with Microsoft Azure (Entra) and their implementation of Zero Trust Network Access a plus..


• One or more professional security certifications such as GSEC, CISM, or CISSP is desired.


• Excellent communication skills, verbally and in writing, across all organizational levels and ability to build cross-organizational coalitions.


• Ability to communicate technical and security-related concepts to a broad range of technical and non-technical staff, security vendors, consultants and senior management.


• An understanding of Cybersecurity threats, vulnerabilities, controls, and remediation strategies in global environments.


• Experience related to security design, architecture, and incident response.


• Strong work ethic, demonstrated attention to detail, excellent time management, and organizational skills.


• Proven team building and team leadership experience.


• Strong ability to work collaboratively across teams with quickly changing priorities.


•  

#IN-ALIL