Information Security & Privacy Manager jobs in United States
cer-icon
Apply on Employer Site
company-logo

Tokenworks Inc · 4 days ago

Information Security & Privacy Manager

positionBronxville, NY
timeFull-time
remoteHybrid
senioritySenior Level
money$110K/yr - $120K/yr
date5+ years exp

TokenWorks Inc. is a growing technology company specializing in identity verification hardware and software. They are seeking an experienced Information Security & Privacy Manager to own and advance their security posture across infrastructure, applications, and cloud environments while driving SOC 2 compliance and managing vulnerability detection and remediation.

ComputerConsumer ElectronicsConsumer GoodsMachinery ManufacturingManufacturing

Responsibilities

Lead TokenWorks’ SOC 2 certification efforts, including gap assessments, control implementation, evidence collection, and audit coordination using Vanta
Maintain ongoing SOC 2 compliance through internal audits, policy updates, control monitoring, and employee security training
Initiate and manage the ISO 27001 certification process, including risk assessments, development of an Information Security Management System (ISMS), and alignment with international standards
Design, implement, and maintain secure WiFi and LAN environments, including encryption, access controls, monitoring, and threat detection
Assess and remediate security risks in applications running on Windows, Android, and iOS platforms through vulnerability scanning, patch management, and secure configuration standards
Partner with engineering to embed security into the software development lifecycle (SDLC), including secure coding practices, architecture reviews, and threat modeling
Use Wiz.io to identify, prioritize, and remediate cloud vulnerabilities and security misconfigurations, ensuring proactive risk management
Develop and maintain backup and data protection strategies, including redundancy, offsite storage, and regular testing to ensure data availability and integrity
Lead incident response activities, including investigation, documentation, reporting, and post-incident remediation planning
Own disaster recovery and business continuity planning, conducting regular testing and coordinating recovery efforts aligned with SOC 2 and ISO 27001 requirements
Oversee additional compliance elements such as access management, vendor risk assessments, encryption standards, physical security controls, and employee security awareness programs
Monitor emerging threats, regulatory developments, and industry best practices, advising leadership on improvements to the company’s security framework

Qualification

SOC 2 complianceISO 27001 certificationVulnerability managementNetwork securityCloud securityRisk assessmentsIncident responseDisaster recovery planningCISSP certificationCISM certificationCRISC certificationISO 27001 Lead ImplementerPythonPowerShellGDPR knowledgeCCPA knowledgeCommunication skillsCollaboration skills

Required

Bachelor's degree in Computer Science, Information Security, or a related field (Master's preferred)
5+ years of experience in information security, compliance, or risk management roles
Demonstrated expertise with SOC 2 and ISO 27001 frameworks
Hands-on experience with compliance platforms such as Vanta and vulnerability management tools such as Wiz.io
Strong understanding of network security (WiFi/LAN), application security (Windows, Android, iOS), and cloud security best practices (AWS, Azure, or Google Cloud)
Experience with risk assessments, vulnerability scanning, incident response, and disaster recovery planning
Excellent communication and collaboration skills, with the ability to work effectively across technical and non-technical teams
Relevant certifications (CISSP, CISM, CRISC, ISO 27001 Lead Implementer/Auditor) are highly desirable

Preferred

Experience in a SaaS or technology startup environment
Familiarity with identity verification, document processing, or regulated data environments
Scripting or automation experience (e.g., Python, PowerShell)
Knowledge of privacy regulations such as GDPR or CCPA
Proven ability to manage complex, multi-phase compliance or certification projects end-to-end

Benefits

Competitive Healthcare Benefit Plan
Remote or Hybrid work flexibility
401K matching program
Professional development opportunities and certification reimbursement.
A collaborative, growth-oriented culture that values ownership and accountability.

Company

Tokenworks Inc

twittertwittertwitter
company-logo
Tokenworks Inc. is the leading provider of ID scanning solutions in the USA and Canada.
dateFounded in 1998
location
Bronxville, New York, USA
people-size11-50 employees
web-link
https://www.tokenworks.com/

Funding

Current Stage
Early Stage

Recent News

InsideBitcoins.com
NFT Market News: Here’s The Top NFT News In October 2025
2025-10-31
InsideBitcoins.com
Just In: A New NFT Strategy Is Launching Soon – Here’s More Details
2025-10-24
InsideBitcoins.com
Chimpers NFTs Jump +1,700% In Daily Sales Volume – Here’s What Fueling Its Growth
2025-10-19
Company data provided by crunchbase