Information Security & Compliance Manager

Western Psychological Services • Full-time • Remote (Hybrid in Torrance, California, United States) • $145,000 - $160,000 / year • 1m ago

Fast Facts

The Information Security & Compliance Manager will lead the security engineering and compliance operations at WPS, ensuring effective management of security practices and technical controls aligned with regulatory frameworks.

Responsibilities: Oversee vulnerability management, incident response, security governance, and compliance programs while managing Disaster Recovery efforts and collaborating with IT teams on security implementations.

Skills: Proficiency in cybersecurity, AWS security architecture, SIEM operation, incident response, and regulatory compliance (SOC 2, HIPAA, GDPR, CCPA) is required.

Qualifications: A Bachelor's degree in Cybersecurity or related field is preferred along with 5+ years of experience in IT security and leadership roles.

Location: The position is remote or hybrid, with no specified office requirement.

Compensation: $145000 - $160000 / Annually

Job Title: Manager, Information Security & Compliance

Reports to: Sr. Director of Technology Operations & Information Security Officer

FLSA: Exempt

EEO: Professional

Manages others: Yes

Location: Remote or Hybrid

Department: Technology Operations

ADP Job Code: 310-19

General Job Description

The Manager, Information Security & Compliance leads all security engineering and compliance operations at WPS, ensuring the confidentiality, integrity, and availability of systems and data. This is a hands-on technical role that oversees vulnerability management, SIEM operations, incident response, identity security, secure configurations, cloud security architecture, and disaster recovery.

The Manager leads the Compliance Engineer and oversees the company’s compliance program, ensuring that security practices and technical controls align with SOC 2, HIPAA, GDPR, CCPA, customer requirements, and any future regulatory or industry frameworks required by WPS. This role sets security priorities, governs security standards, and ensures that all IT systems, including endpoints, identity, infrastructure, and cloud environments, operate securely and in compliance with regulatory and contractual obligations.

This role also owns WPS’s Disaster Recovery (DR) program, including planning, governance, testing, and continuous improvement of recovery capabilities across systems, infrastructure, and cloud environments.

This role is both strategic and hands-on, requiring direct technical involvement in security engineering and incident response.

This position is central to WPS’s IT security strategy, risk management, and audit readiness and reports to the Sr. Director & Information Security Officer.

Essential Responsibilities

Security Engineering & Operations

Own vulnerability management, SIEM tuning and monitoring, incident response, and threat investigation.
Maintain secure baseline configurations (CIS, hardening standards).
OverseeAWS security controls, including IAM governance, cloud logging, encryption standards, network security boundaries, and enforcement of cloud security guardrails.
Design and approve security controls for new systems, infrastructure changes, and applications.
Govern identity security, privileged access, MFA enforcement, and periodic access reviews.
Provide security oversight for DevOps pipelines and cloud deployments.

Security Governance & Policy

Own all security policies, standards, procedures, and security awareness training.
Lead annual risk assessments, security reviews, and third-party/vendor risk management.
Ownthe Disaster Recovery (DR) governance program, including planning, documentation, tabletop exercises, and driving remediation, while partnering with Infrastructure on technical DR execution.
Manage data protection and data classification practices.
Track and reportsecurityKPIs, risks, and initiatives to the ISO.
Run regular security governance meetings and guide cross-functional alignment.

Compliance Program Oversight

Leadthe Compliance Engineer and review all work for accuracy and completeness.
Approve technical controls, evidence, and audit documentation.
EnsureIT systems meet required technical controls across SOC 2, HIPAA, GDPR, CCPA, and other applicable regulatory or customer-driven frameworks.
Act as the technical owner during internal/external audits.
Define evidencerequiredfromITandnon-IT WPSteams.
Manage corrective actions, POAMs, and remediation plans.
Review customer security questionnaires with the Compliance Engineer.

Collaboration With Infrastructure & DevOps

Securitydefines security requirements and works closely with Infrastructure to implement the necessary configurations, remediations, and technical controls.
Partner with the Infrastructureteamto ensure DR plans, runbooks, and technical recovery processes are implemented and tested effectively.
Security reviews and approves changes thatimpactsecurity posture.

Program Development & Future Maturity

Advance detection engineering, automation, and threat visibility.
Implement stronger security controls to support company and platform growth.
Lay groundwork for future expansion of the security/compliance function.

Position Requirements (Skills, Knowledge, Abilities)

Education & Experience

Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or equivalent experience preferred.
5+ years of hands-on IT security engineering or cybersecurity engineering experience.
Experience leading security or compliance functions.
Strong technical experience in SIEM, AWS security, vulnerability management, identity security, incident response, and disaster recovery.
Strongproficiencywith AWS security architecture, IAM, cloud logging, and security guardrails.
Working knowledge of SOC 2, HIPAA, GDPR, and CCPA compliance frameworks.

Skills & Competencies

Strong understanding of security architecture, secure configurations, and cloud security.
Excellent judgment and risk evaluation skills.
Ability to translate regulatory requirements into executable technical controls.
Strong communicationskills for cross-functional work and audit interactions.
Ability to mentor and develop team members.
Strong analytical and troubleshooting skills.

WPS IS AN EQUAL OPPORTUNITY EMPLOYER AA M/F/V/D.

We proudly hire U.S. Military Veterans, and those qualified are encouraged to apply.

Equal Employment Opportunity is The Law. | Pay Transparency Nondiscrimination Provision

At this time, WPS is unable to provide visa sponsorship.

We use E-Verify and submit information from each new employee’s Form I-9 to confirm work authorization.

Related Jobs

Chief Information Security Officer (CISO)

PlayOn! Sports • Full-time • Hybrid in Alpharetta, Georgia, United States • 2w ago

K-12 Information Security Compliance Management Executive Leadership

2w ago

Apply

Director, Site Reliability Engineering (SRE)

Learning Ally • Full-time • Hybrid in Princeton, New Jersey, United States • $150,000 - $165,000 / year • 1m ago

K-12 Cybersecurity DevOps Site Reliability Engineering

1m ago

Apply

Manager, Information Security

RethinkFirst • Full-time • Remote (Remote from Illinois, United States) • 1m ago

K-12 Information Security Cyber Resilience Security Assurance

1m ago

Apply

Interactive Content Specialist

iCEV • Full-time • Hybrid in Lubbock, Texas, United States • 2h ago

K-12 Content Development Career Education Interactive Content

2h ago

Apply

Sr. Manager, Production

Macmillan Learning • Full-time • Hybrid in New York, New York, United States • $75,000 - $85,000 / year • 6h ago

K-12 Project Management Production Management Book Publishing

6h ago

Apply