Job Title – IT Security & Compliance Manager
Department – Information Technology
Reports to – Sr Director IT
Location – Houston, TX
Job Summary
The IT Security & Compliance Manager will lead and oversee the organization's critical security infrastructure, ensuring that security policies and compliance frameworks are both robust and effective. This role is responsible for managing essential security platforms such as SIEM, EDR, IAM, and vulnerability management, while ensuring adherence to industry regulations. The ideal candidate will play a pivotal role in safeguarding the company’s data and systems by implementing proactive security measures, conducting risk assessments, and managing incident response efforts.
Key Areas of Responsibility
Develop, implement, and enforce IT security policies, procedures, and best practices to protect organizational data and systems
Ensure the organization’s compliance with relevant laws, regulations, and standards, such as GDPR, SOC 2, ISO 27001, NIST, and SOX
Conduct regular risk assessments, audits, and vulnerability assessments to identify potential security gaps and compliance risks
Collaborate with internal teams, including IT, legal, and operations, to ensure seamless integration of security controls
Lead the development of incident response plans and manage security breach investigations and remediation efforts
Provide training and awareness programs for employees to ensure company-wide compliance with security protocols
Maintain and update security documentation, reports, and records related to compliance status and risks
Stay current with the latest security trends, threats, and regulatory changes to ensure proactive measures are in place
Manage and oversee key security platforms, including SIEM, Endpoint Detection & Response (EDR), Vulnerability Management, Identity & Access Management (IAM), and Cloud Security, to ensure robust protection against emerging threats
Implement and monitor Cloud Security Posture Management (CSPM) and Native Cloud Security controls to ensure the security of cloud-based environments and services
Oversee data protection initiatives, including managing encryption, DLP (Data Loss Prevention), and sensitive data compliance, to safeguard the confidentiality and integrity of organizational data
Develop and enforce policies and controls for Data Loss Prevention (DLP) and encryption strategies, including Public Key Infrastructure (PKI), to mitigate risks and protect sensitive information across all platforms
Support and uphold HS&E policies and procedures of NCS and the customer
Align individual goals with NCS corporate goals, while adhering to the NCS Promise
Conduct, participate in, and promote Personal Development for Success (PDS), for both self and direct reports, ensuring the effectiveness of the program
Other duties, relevant to the position, shall be assigned as required
Knowledge, Skills, and Abilities
Bachelor’s degree or Master’s degree in Information Technology, Cybersecurity, or a related field
Minimum of 10 years of experience in IT security, with a focus on compliance management
Strong knowledge of security frameworks and compliance standards (e.g., NIST, ISO, SOC 2, SOX)
Proven experience in managing security audits and assessments
Expertise in risk management, vulnerability scanning tools, and incident response
Excellent problem-solving, communication, and leadership skills
Industry certifications such as CISSP, CISM, CISA, or similar are preferred
Experience with cloud security and multi-cloud environments
Ability to lead cross-functional teams and manage complex compliance projects
Additional Information
Status: Overtime Exempt
Employment Classification: Full-time, Regular
Work schedule: 5 days on, 2 days off, 8:00am – 5:00pm; may vary depending on business needs
Travel: up to 15% domestic and international travel required
Bonus: Eligible
Special Equipment: Cell phone and Laptop
Criminal background check required for all positions
Safety sensitive positions will require additional pre-employment testing
Core Competencies
Teamwork/Collaboration – Able to work cooperatively with other individuals
Service Focus – Builds & maintains customer satisfaction and provides excellent service to internal & external customers
Decision Making – Able to make decisions and solve problems of varied levels of complexity using a logical, systematic, and sequential approach
Ethics & Integrity – Trustworthiness and ethical behavior with consideration for impact & consequence when making decisions/taking action
Problem Solving – Ability to approach a problem by using a logical, systematic, sequential approach
Continuous Improvement – Ongoing improvement of products, services, or processes through incremental & breakthrough improvements
Accountability – Obligation or willingness to be answerable for an outcome
Leadership Competencies
Coaching/Developing Others – Able & willing to delegate responsibility, work with others, & coach them to develop capabilities
People Management – Able to continuously motivate & improve team performance, manage conflict, promote teamwork
Strategic Thinking – Support, promote, and ensure alignment with the organization’s vision & values
Change Management – Able to manage, lead, & enable process of change and transition while helping others deal with their effects
Results Execution – Able to focus personal efforts on achieving results consistent with the organization’s objectives
Influence/Relationships – Ability to gain support for ideas, proposals, projects & solutions
Business Acumen – Quickness in understanding and dealing with business situations in a manner that is likely to lead to good outcomes