Manager of Information Security jobs in United States
cer-icon
Apply on Employer Site
company-logo

Granite Telecommunications · 7 hours ago

Manager of Information Security

positionQuincy, MA
timeFull-time
remoteOnsite
senioritySenior Level

Granite Telecommunications is seeking a Manager of Information Security to lead their enterprise security program. This role is responsible for overseeing security policies, vulnerability management, cloud security, and incident response while ensuring compliance with government-related activities and strengthening the organization's security posture.

Business DevelopmentFitnessTelecommunications
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Oversee and manage Granite’s enterprise wide Information Security Program, ensuring protection of corporate systems, data, applications, cloud environments, and business operations across all departments (IT, Engineering, Legal, Ops, Customer facing teams)
Lead the development, implementation, and continuous improvement of corporate security policies, standards, procedures, and supporting governance documents
Direct vulnerability management activities across infrastructure, cloud, and applications; coordinate remediation with engineering, DevOps, and operations teams; validate fixes through scanning and ongoing monitoring
Oversee cloud security for GCP and AWS, ensuring secure configuration, access control, and alignment with best practices
Drive secure architecture reviews, application security requirements, and SDLC security integration for internal products
Partner with Engineering, Infrastructure, DevOps, and Network teams to evaluate system changes, cloud migrations, firewall updates, and new deployments to ensure security requirements and risk mitigations are properly addressed
Lead incident response activities—coordinate triage, communicate with stakeholders, review root causes, and ensure corrective actions and preventative measures are implemented
Manage enterprise identity and secrets programs, including MFA requirements, SSO implementation, service account lifecycle, least privilege enforcement, and secure credential rotation
Guide third party risk management, review vendor documentation, determine required evidence levels, and assess security impact of new or ongoing vendors
Provide security guidance and support for business processes, system enhancements, corporate initiatives, new integrations, and technology transformations across the organization
Lead recurring enterprise security meetings to align IT, Engineering, Legal, Audit, and business leaders on priorities, risks, and remediation activities
Ensure proper data handling practices across the business, including the identification and removal of sensitive or regulated data from email, local drives, Teams, and other systems
Support corporate continuity and resilience activities, including business impact analysis, response planning, and readiness validation
Provide accurate, timely responses to security questionnaires, proposals, and customer inquiries across business units; contribute security content for RFPs, audits, and partner assessments
Maintain compliance for federal BSS/GBSS systems under NIST SP 800 53 / 800 171 and GSA requirements; update SSPs; and support ATO assessments as needed
Provide federal agencies (e.g., GSA, DARPA) with required security documentation, system diagrams, and responses when requested
Perform other duties as required
Obtain/retain a government security clearance as may be required to perform the duties of the position

Qualification

NIST SP 800-53Cloud Security GCPCloud Security AWSIncident ResponseVulnerability ManagementSecurity AssessmentsThird-Party Risk ManagementSSP WritingCommunication SkillsLeadership SkillsDocumentation Skills

Required

Bachelor's degree in Computer Science, Information Systems, Information Assurance, or equivalent experience
Eligibility to obtain and maintain Public Trust (Tier 2) or other federal security clearances
Hands‑on experience implementing NIST SP 800‑53, NIST SP 800‑171, SOC 2, PCIDSS, RMF, and FISMA Moderate controls in enterprise environments
Demonstrated experience with SSP writing, ATO packages, security assessments, and continuous monitoring activities
Experience with cloud security in Google Cloud Platform (GCP) and Amazon Web Services (AWS). Familiarity with application security best practices (OWASP, SDLC integration, SAST/DAST scanning workflows)
Ability to interpret and communicate security requirements to engineering, legal, and operations teams
Experience supporting vendor risk reviews, questionnaire responses, and assessment of third‑party security materials
Experience with security controls in a converged infrastructure/virtual machine environment
Experience developing information system security plans, policies, and procedures for Local Area Network (LAN) information systems and wide area network (WAN) information systems
Strong cross‑team leadership, communication, and documentation skills

Company

Granite Telecommunications

twittertwittertwitter
Glassdoor2.9
company-logo
Granite is a leading communications services provider for businesses with multiple locations.
dateFounded in 2002
location
Quincy, Massachusetts, USA
people-size1001-5000 employees
web-link
http://www.granitenet.com/

Funding

Current Stage
Late Stage
Total Funding
$4.85M
2016-06-06Grant· $0.6M
2016-03-29Series Unknown· $4.25M

Leadership Team

leader-logo
Brad Dupee
Head of National Channel Sales
linkedin
leader-logo
Mark Palmer
Director, Strategic Development
linkedin

Recent News

PR Newswire
Granite's Charlie Pagliazzo Recognized as 2026 CRN® Channel Chief
2026-02-03
PR Newswire
Granite360 Wins 2025 Fierce Network Innovation Award for Best BSS/OSS Innovation
2025-12-17
Fierce Network
2025 Fierce Network Innovation Awards - Meet the winners!
2025-12-11
Company data provided by crunchbase