What are the responsibilities and job description for the Manager, Information Security and Policy position at FedPoint?
FedPoint is seeking a highly skilled and experienced Manager of Information Security Policy and Compliance to lead and manage a dynamic team responsible for shaping the company's security policy, regulatory compliance efforts, and risk management practices. This role offers the opportunity to drive innovation and excellence across key functions, including policy development, audit preparation, vulnerability management, business continuity, and security training. The ideal candidate will bring extensive leadership experience and a deep understanding of security compliance frameworks.
Key Responsibilities:
As the Manager of Information Security Policy and Compliance, you will:
- Team Leadership (20%)
  - Provide strategic guidance and work prioritization for the team to align efforts with business needs.
  - Foster a collaborative environment by creating clear roles, ensuring timely feedback, and motivating team members to exceed goals.
  - Lead continuous technology transformation initiatives, reducing technical debt and advancing policy and compliance maturity.
- Regulatory Audit and Assessment Reporting (20%)
  - Oversee preparation for internal and external audits, ensuring comprehensive documentation and smooth auditor interactions.
  - Manage the facilitation of recurring audits and assessments to ensure compliance with regulatory standards.
- Policy Development and Refinement (15%)
  - Lead efforts to refine and refresh information security policies to align with business objectives.
  - Develop repeatable processes and automated systems to support audits and regulatory reporting.
  - Address customer inquiries related to policy and compliance standards.
- Vulnerability Management Reporting (15%)
  - Develop and execute monthly reporting metrics for vulnerability management programs, collaborating with teams to improve vulnerability scanning and remediation processes.
  - Monitor and measure SLAs for vulnerability remediation efforts.
- Information Security Awareness (10%)
  - Oversee corporate security and compliance training initiatives, tracking metrics and ensuring content relevancy.
  - Foster a culture of security awareness through engaging training and communication programs.
- Incident Response and Business Continuity Oversight (15%)
  - Manage the creation, maintenance, and testing of the Incident Response (IR) and Business Continuity plans.
  - Collaborate with internal and external stakeholders to ensure readiness, including maintaining key vendor relationships.
- Innovation and Continuous Improvement (5%)
  - Stay current on emerging security technologies and industry best practices.
  - Lead initiatives that improve processes, foster continuous learning, and promote a culture of innovation within the team.
Qualifications:
- Education: Bachelor's degree in Computer Science, Information Technology, or a related field.
- Experience: 10 years of cumulative experience in technology-related roles, including a proven track record in policy compliance and process improvement.
- Leadership: 5 years of personnel management experience, with a focus on team leadership and development.
- Expertise: Deep understanding of compliance frameworks (ISO, SOC), regulatory security requirements (FIPS, FedRAMP, NIST, HIPAA, 23 NYCRR 500), and cloud security compliance.
- Skills: Strong strategic thinking, time management, and collaboration skills. Exceptional communication abilities to interact with diverse stakeholders.
Location: Portsmouth, NH - Hybrid Role
Schedule: Enjoy the perfect balance of in-office collaboration and remote work with a Hybrid schedule, plus the option to work from home a few days a week!
About FedPoint
FedPoint creates and operates digital benefits marketplaces that make it easy for our millions of federal and military customers to understand, select, and use their benefits. A subsidiary of John Hancock Life & Health Insurance Company, FedPoint was founded in 2002 and is headquartered in Portsmouth, NH. To learn more, visit fedpointusa.com.
Why Join Us?
At FedPoint, our mission is to create and deliver world-class benefits experiences for our customers, clients, and business partners.
We offer a dynamic work environment where innovation and collaboration are encouraged. You'll have the opportunity to make a significant impact while honing your skills and advancing your career.
In addition to working for a company with great people and an excellent reputation, what's in it for you?
- Generous 401k plan: 100% match of employee's contribution, up to a maximum of 6% salary, vests immediately.
- Bonus Opportunity: This position is eligible for the manager bonus of up to 15% of their salary, based on company performance. (Inquire about eligibility with our recruiter)
- Lots of paid time off: 3 weeks vacation, 7 sick days, 3 personal days, and 12 paid holidays!
- Competitive benefits include health, dental, vision, disability, life, legal, flexible spending account (FSA) and Health Savings Account (HSA) options.
- 6 weeks fully-paid parental leave
- Tuition reimbursement program to support career goals.
- Corporate giving and matching gifts program.
- Volunteer program: Paid time off to volunteer and company-organized volunteering opportunities.
- A wide variety of personal, professional, and career development programs.
- Comprehensive wellness program offering a variety of resources and activities to help support your well-being in the following areas: career, financial, mental, emotional, physical, social and community.
All offers of employment with FedPoint are conditional upon satisfactory completion of a pre-employment background check.
FedPoint is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, or protected veteran status and will not be discriminated against on the basis of disability. If you believe you need a reasonable accommodation in order to search for a job opening or to submit an online application, please call (603) 433-4500.