Job Title – IT Security & Compliance Manager
The IT Security & Compliance Manager will lead and oversee the organization's critical security infrastructure, ensuring that security policies and compliance frameworks are both robust and effective. This role is responsible for managing essential security platforms such as SIEM, EDR, IAM, and vulnerability management, while ensuring adherence to industry regulations. The ideal candidate will play a pivotal role in safeguarding the company’s data and systems by implementing proactive security measures, conducting risk assessments, and managing incident response efforts.
- Develop, implement, and enforce IT security policies, procedures, and best practices to protect organizational data and systems
- Ensure the organization’s compliance with relevant laws, regulations, and standards, such as GDPR, SOC 2, ISO 27001, NIST, and SOX
- Conduct regular risk assessments, audits, and vulnerability assessments to identify potential security gaps and compliance risks
- Collaborate with internal teams, including IT, legal, and operations, to ensure seamless integration of security controls
- Lead the development of incident response plans and manage security breach investigations and remediation efforts
- Provide training and awareness programs for employees to ensure company-wide compliance with security protocols
- Maintain and update security documentation, reports, and records related to compliance status and risks
- Stay current with the latest security trends, threats, and regulatory changes to ensure proactive measures are in place
- Manage and oversee key security platforms, including SIEM, Endpoint Detection & Response (EDR), Vulnerability Management, Identity & Access Management (IAM), and Cloud Security, to ensure robust protection against emerging threats
- Implement and monitor Cloud Security Posture Management (CSPM) and Native Cloud Security controls to ensure the security of cloud-based environments and services
- Oversee data protection initiatives, including managing encryption, DLP (Data Loss Prevention), and sensitive data compliance, to safeguard the confidentiality and integrity of organizational data
- Develop and enforce policies and controls for Data Loss Prevention (DLP) and encryption strategies, including Public Key Infrastructure (PKI), to mitigate risks and protect sensitive information across all platforms
- Support and uphold HS&E policies and procedures of NCS and the customer
- Align individual goals with NCS corporate goals, while adhering to the NCS Promise
- Conduct, participate in, and promote Personal Development for Success (PDS), for both self and direct reports, ensuring the effectiveness of the program
- Other duties, relevant to the position, shall be assigned as required
- Bachelor’s degree or Master’s degree in Information Technology, Cybersecurity, or a related field
- Minimum of 10 years of experience in IT security, with a focus on compliance management
- Strong knowledge of security frameworks and compliance standards (e.g., NIST, ISO, SOC 2, SOX)
- Proven experience in managing security audits and assessments
- Expertise in risk management, vulnerability scanning tools, and incident response
- Excellent problem-solving, communication, and leadership skills
- Industry certifications such as CISSP, CISM, CISA, or similar are preferred
- Experience with cloud security and multi-cloud environments
- Ability to lead cross-functional teams and manage complex compliance projects
- Status: Overtime Exempt
- Employment Classification: Full-time, Regular
- Work schedule: 5 days on, 2 days off, 8:00am – 5:00pm; may vary depending on business needs
- Travel: up to 15% domestic and international travel required
- Bonus: Eligible
- Special Equipment: Cell phone and Laptop
- Criminal background check required for all positions
- Safety sensitive positions will require additional pre-employment testing
- Teamwork/Collaboration – Able to work cooperatively with other individuals
- Service Focus – Builds & maintains customer satisfaction and provides excellent service to internal & external customers
- Decision Making – Able to make decisions and solve problems of varied levels of complexity using a logical, systematic, and sequential approach
- Ethics & Integrity – Trustworthiness and ethical behavior with consideration for impact & consequence when making decisions/taking action
- Problem Solving – Ability to approach a problem by using a logical, systematic, sequential approach
- Continuous Improvement – Ongoing improvement of products, services, or processes through incremental & breakthrough improvements
- Accountability – Obligation or willingness to be answerable for an outcome
- Coaching/Developing Others – Able & willing to delegate responsibility, work with others, & coach them to develop capabilities
- People Management – Able to continuously motivate & improve team performance, manage conflict, promote teamwork
- Strategic Thinking – Support, promote, and ensure alignment with organization’s vision & values
- Change Management – Able to manage, lead, & enable process of change and transition while helping others deal with their effects
- Results Execution – Able to focus personal efforts on achieving results consistent with the organization’s objectives
- Influence/Relationships – Ability to gain support for ideas, proposals, projects & solutions
- Business Acumen – Quickness in understanding and dealing with business situations in a manner that is likely to lead to good outcomes