Job Title: Senior Manager, Security & Infrastructure

General Description:

The Senior Manager of Security and Infrastructure is responsible for overseeing and managing the organization’s IT infrastructure and security operations to ensure robust, secure, and scalable support for all business functions. This role combines deep technical expertise with strategic planning and team leadership to secure infrastructure, maintain operational stability, and enhance system performance. The ideal candidate will have extensive experience in IT infrastructure, cybersecurity, risk management, and compliance.

Duties and Responsibilities:

Security Operations:

• Lead and manage all aspects of security operations, including threat detection, incident response, vulnerability management, and endpoint protection.
• Develop and maintain security policies, procedures, and controls that meet industry standards and regulatory requirements (e.g., HIPAA, NIST, HITRUST, ISO 27001).
• Regularly review and assess security posture to detect areas of vulnerability and address proactively to mitigate risks.

Infrastructure Management:

• Oversee the planning, deployment, and maintenance of critical IT infrastructure, including servers, networks, cloud services, storage systems, and databases.
• Develop and implement best practices for infrastructure performance, scalability, and reliability.
• Ensure high availability and performance of all systems and services, proactively addressing capacity planning and system health monitoring.
• Collaborate with cross-functional teams to develop and execute a comprehensive infrastructure strategy aligned with the organization's goals and objectives.
• Oversee the installation, configuration, and maintenance of servers, networks, storage systems, and other infrastructure components.
• Ensure timely updates, patches, and upgrades to maintain system security and performance.

Team Leadership:

• Lead, mentor, and develop a team of infrastructure and security professionals, fostering a collaborative and performance-driven environment to achieve operational excellence.
• Set performance objectives, conduct regular evaluations, and provide career development support for team members.
• Foster a collaborative and supportive work environment that emphasizes continuous learning and process improvement.

Strategic Planning:

• Develop and implement strategic roadmaps for security and infrastructure operations, aligning with organizational goals and IT strategy.
• Stay updated on industry trends, emerging technologies, and potential security threats to proactively guide the organization's security and infrastructure strategy.

Vendor and Contract Management:

• Collaborate with vendors and third-party service providers to negotiate contracts and service level agreements (SLAs).
• Monitor vendor performance and ensure compliance with contractual obligations.
• Disaster Recovery and Business Continuity:
• Develop and maintain disaster recovery and business continuity plans to minimize downtime in case of infrastructure failures.
• Conduct regular drills and tests to validate the effectiveness of these plans.

Documentation and Reporting:

• Maintain detailed documentation of infrastructure configurations, procedures, and policies.
• Generate regular reports on infrastructure performance, compliance, and KPIs for management and stakeholders.

Collaboration and Communication:

• Collaborate with other IT teams, departments, and stakeholders to align infrastructure initiatives with business goals.
• Communicate infrastructure updates and issues to relevant parties in a clear and timely manner.

Other duties as assigned

Knowledge and Skill Requirements:

• Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field; Master’s degree preferred.
• 5+ years of experience in IT infrastructure and security, with at least 3 years in a leadership role.
• Strong understanding of infrastructure design, network architecture, cloud platforms, and cybersecurity principles.
• Experience with industry security standards, such as NIST, ISO 27001, SOC 2, and CIS Controls.
• Proficiency in project management methodologies and SDLC.
• Excellent leadership, communication, and project management skills, with the ability to collaborate effectively across departments.
• Strong critical thinking, problem-solving, and decision-making abilities.
• Certifications such as CISSP, CISM, CCSP, or ITIL are highly valued.

Experience and Education:

Bachelor's degree in computer science, information technology, or a related field (Master's degree preferred).

Physical Requirements:

The physical demands are representative of those that must be met to perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform essential functions.

• Light physical effort in an office environment
• Frequent computer use / data entry; repetitive motions of the wrist, hands, and/or fingers
• Must have close visual acuity to perform activities such as: preparing and analyzing data and figures; transcribing; and viewing a computer
• Ability to received detailed information through oral communication
• Must be able to lift up to 20 pounds(files, paper boxes)periodically
• Primary sedentary work with occasional bending and reaching
• (Optional) May be required to drive for long periods of time and is expected to travel throughout the Western New York area
• (Optional) Valid driver license required; must have reliable and consistent access to a personal vehicle to allow for required travel