GENERAL DESCRIPTION

Technosylva is a leading SaaS company specializing in operational support and risk analytics solutions for wildfires and extreme weather events. Our mission is to reduce the impact of these events by delivering proactive, actionable intelligence that enables better decision-making.

We offer a suite of software solutions specifically designed to mitigate risks associated with both wildfires and extreme weather conditions. These solutions are used by some of the largest investor-owned utilities (IOUs), fire management agencies, and other key organizations across the United States.

Our products help anticipate risk, generate on-demand wildfire spread predictions, and support infrastructure hardening analysis—while also aiding regulatory compliance and reporting processes. Although initially developed for utilities and government agencies, our solutions are rapidly gaining traction in other sectors, such as transmission operators, insurance companies, and emerging industries increasingly exposed to climate risk.

Founded in 1997, Technosylva has been delivering mission-critical solutions for over two decades. In recent years, the company has undergone a transformation and period of rapid growth, now boasting a team of over 180 employees and an international presence in more than 10 countries.

JOB DESCRIPTION

We are seeking a hands-on and strategic Information Security Manager to lead our cybersecurity program and strengthen our organization’s security posture. This role requires a technical and operational leader who can own the security lifecycle from architecture and tooling to incident response and compliance while working cross-functionally with engineering, DevOps, IT, and governance teams. The ideal candidate will have deep expertise in cloud security, modern security operations, and regulatory frameworks, and be capable of driving both tactical and strategic security initiatives.

RESPONSIBILITIES

Security Strategy and Operations

• Act as the subject matter expert on secure architecture and operations across AWS and Azure cloud environments.
• Evaluate and implement emerging security tools and practices; lead proof-of-concept initiatives to improve detection, prevention, and response capabilities.
• Maintain compliance with industry and regulatory standards, including ISO 27001, SOC 2, and NIST CSF.
• Partner with software, DevOps, and infrastructure teams to embed security-by-design principles into development and deployment workflows.
• Manage and operate key security technologies, including SIEM, EDR, vulnerability scanners, identity management, and cloud-native security tools.
• Lead security incident response efforts: triage alerts, investigate threats, and coordinate mitigation and postmortems.
• Oversee threat modeling, penetration testing engagements, and vulnerability management programs.
• Develop, refine, and enforce security policies, standards, and processes aligned with business risk.
• Conduct internal risk assessments and manage external security audits and compliance reporting.
• Monitor emerging threats and maintain current understanding of attack techniques and mitigation strategies.

Governance, Awareness, and Collaboration

• Collaborate with cross-functional teams to ensure secure adoption of technologies, infrastructure, and applications.
• Support data privacy initiatives by integrating security requirements for regulations such as GDPR, CCPA, and others.
• Drive organization-wide security awareness training, phishing simulations, and employee education programs.
• Liaise with legal, governance, and operations stakeholders to align risk management and compliance activities.
• Maintain strong documentation practices for policies, incidents, configurations, and technical decisions.

Leadership and Influence

• Lead and mentor security analysts or engineers (as applicable), fostering technical growth and accountability.
• Set team priorities, review deliverables, and ensure consistent execution aligned with organizational objectives.
• Promote a collaborative, security first culture across technical and non-technical teams.
• Participate in hiring, performance reviews, and professional development planning for security personnel.
  

REQUIRED SKILLS

Experience

• 7+ years in information security, with a strong foundation in both technical implementation and strategic planning.
• Proven experience securing cloud environments (AWS and/or Azure) and enterprise applications.
• Prior involvement in regulatory audits, compliance efforts, and third-party risk management.
• Experience with incident response, SIEM tuning, and threat hunting methodologies.

Technical Proficiency

• Strong knowledge of cloud-native security tools, IAM, network protocols, and endpoint security.
• Familiarity with DevSecOps, CI/CD integration, and secure coding principles.
• Hands-on experience with tools such as CrowdStrike, AlienVault, Splunk, Tenable, or similar platforms.
• Understanding of encryption, key management, authentication protocols, and data protection technologies.

Compliance and Frameworks

• Experience implementing or managing programs aligned with ISO 27001, SOC 2, NIST, and CIS Controls.
• Understanding of global privacy standards (e.g., GDPR, CCPA).

Preferred Qualifications

• Certifications such as CISSP, CISM, AWS/Azure Security – Specialty, GSEC, or OSCP.
• Experience in scripting or automation (e.g., Python, PowerShell, Bash).
• Knowledge of ITIL or security service management concepts.

Key Competencies

• Strong analytical and critical thinking abilities.
• Clear, confident communication with both technical and executive audiences.
• Ability to balance security rigor with business agility.
• Detail-oriented with strong documentation and process discipline.
• Capable of working independently, managing multiple priorities, and adapting to changing threats.

Working Conditions

• Participation in an on-call rotation for security incidents and escalations.
• Occasional after hours work may be required for maintenance or incident response.
• Some travel may be necessary for audits, conferences, or vendor engagements.

BENEFITS

• Competitive annual salary.
  
• Annual bonus based on individual and company performance.
  
• Flexible working hours.
  
• Remote work options available.

At Technosylva, we value diverse experiences and skills, and we understand that each career path is unique. Therefore, we encourage all individuals who believe they meet most of the requirements and are interested in growing and contributing in the role to apply.

DISCLAIMER
Final compensation and benefits will depend on a variety of factors including location, experience, training, qualifications, and market demand.

COMMITMENT TO INCLUSION
Technosylva is an equal opportunity employer. We are committed to fostering an inclusive environment where diverse perspectives lead to better solutions.