enVista is a high-growth, high-tech global software, consulting, managed services and automation firm that optimizes supply chain and commerce for thousands of omnichannel retailers, distributors, and manufacturers. enVista is the only solutions provider in the market that unifies both supply chains and omnichannel commerce end-to-end, from order capture to fulfillment, and from supplier to customer.

Our global associates are on the front lines of commerce, supply chain and technology - developing innovative solutions that improve profitability, reduce waste and positively impact the world. Through onboarding, developing & training, employee awards & recognition, volunteer committees & affinity groups and mentoring, enVista hires and grows top talent.Together, we work, grow and lead our market as a high-impact organization.

The Information Security Manager is responsible and accountable for ensuring the confidentiality, integrity, and availability of organizational information systems and data, and maintaining related information security strategies consistent with enVista business objectives. This role is also responsible for the implementation and maintenance of information security programs and assessing and/or monitoring the effectiveness of those programs to reduce overall risk exposure. This role must work effectively across enVista and to understand business risks and address the related information security risk implications in a manner that is in accordance with the company culture, market dynamics, and resources.

Key Responsibilities:

• Develop, implement, and monitor a strategic, comprehensive information security and IT risk management program
• Lead Information Security team for delivering managed services to clients
• Lead compliance and audit activities for the organization
• Work directly with business units to facilitate risk assessment and risk management processes
• Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services
• Assist with the overall business technology planning, providing information security knowledge for technology and systems

Skills and Experience Needed:

• Bachelor's degree in Cybersecurity, Information Technology or a related field
• A minimum of 5-7 years of experience working in an Information Security role, IT risk, or cybersecurity Role with at least 3 year of technical management experience
• Relevant industry certification such as CISSP, CCSP, CCSK, CISM
• Knowledge and experience with industry leading tools/platforms such as AWS, Azure, O365, VMware, Sophos, Tenable, Mimecast, Cisco, Dell, Lenovo, Apple
• Knowledge of common information security management frameworks such as ISO/IEC 27001, and NIST
• Familiarity with privacy and security regulations/frameworks such as HIPAA, HITECH, NIST CSF, HITRUST, GDPR, and CCPA
• Incident response management and security risk management experience
• Experience leading compliance and audit activities for ISO/IEC 27001 or SOC2 Type II
• Excellent written and verbal communication skills and high level of personal integrity
• Experience with contract and vendor negotiations
• Strong analytical skills, detail-oriented, and quality-minded
• Ability to translate compliance requirements into technical controls
• Experience with face-to-face client interaction in both project execution and administrative discussions
• Candidates may be based at our Carmel office or remotely anywhere in the contiguous US
• Annual travel up to 25% is anticipated

Benefits of Joining enVista:

• Competitive Compensation & Bonuses
• Medical, Dental & Vision Insurance
• Paid Time Off, Holidays & Volunteer Days
• Life Insurance, Short/Long Term Disability
• Paid Sabbatical Program
• 401k with Company Matching
• Flexible Work Opportunities
• Career Development Program
• Paid Sabbatical After Seven Years of Service
• Employee Referral Bonus

At enVista, diversity, equity & inclusion (DE&I) are part of our core values that we proactively foster and build upon. We are a 'learning' versus 'knowing' organization that values and welcomes diverse perspectives, ideas, beliefs and cultures as we aim to shape the technology, industries and world of the future.