Sr Mgr, Information Security

Sr Mgr, Information Security

• Full Time HD Supply
• Decatur, GA Apply Now Posted on 04/01/26 (

Ref:

GA8ZQcmZSE) The Senior Manager

• Information Security Risk & Compliance is a hands-on leader responsible for executing and operating theanization's information security risk andpliance programs.

This role directly performs risk assessments, supports audits, manages GRC tooling, and works closely with technical teams to remediate control gaps. The role balances leadership responsibilities with day-to-day execution and technical depth. Key Responsibilities Hands-On Risk Management

• Perform and lead information security risk assessments across applications, infrastructure, cloud environments, and business processes.
• Maintain risk registers, document findings, assign remediation actions, and track closure.
• Conduct threat modeling and control gap analyses in collaboration with engineering and security teams.
• Perform and review third-party/vendor security risk assessments and questionnaires. Compliance & Audit Execution
• Directly managepliance efforts for frameworks and regulations such as

ISO 27001, SOC 2, PCI

DSS, SOX, GDPR, or HIPAA (as applicable).

• Prepare audit evidence, coordinate walkthroughs, and respond to auditor and regulator requests.
• Execute control testing and validate control design and operating effectiveness.
• Track remediation plans and validate corrective actions. Policy, Standards & Controls
• Draft, update, and maintain information security policies, standards, and prores.
• Map technical and administrative controls topliance requirements and business risks.
• Work hands-on with system owners to design and implement security controls. GRC Tools & Metrics
• Administer and optimize GRC tools (e.g., Varonis, Lighbeam, Tenable, Auditboard etc).
• Build risk dashboards,pliance metrics, and executive-level reporting.
• Automate evidence collection and control monitoring w possible. Cross-Functional Collaboration
• Work closely with IT, Cloud, DevOps, Security Operations, Legal, Privacy, and Internal Audit teams.
• Provide actionable security guidance during system design, cloud migrations, and vendor onboarding.
• Act as a subject matter expert for security risk andpliance inquiries. Leadership & Mentorship
• Lead by example with direct execution while mentoring junior risk andpliance staff.
• Review work products, provide hands-on coaching, and ensure quality and consistency.
• Support hiring and onboarding of risk andpliance team members as needed. Required Qualifications
• Bachelor's degree in Information Security, Computer Science, or related field.
• 8-12+ years of experience in information security, risk,pliance, or IT audit roles.
• Strong hands-on experience with risk assessments, audits, and control testing.
• Practical working knowledge of

NIST CSF, ISO 27001/27002, SOC

2, and cloud security controls.

• Ability to independently manage multiple assessments and audits end-to-end. Preferred Certifications

• CISSP, CISM, CRISC, CISA, ISO 27001

  Lead Implementer/Auditor, or equivalent. Key Skills & Competencies
• Deep technical understanding of security controls and risk mitigation
• Strong documentation and evidence management skills
• Ability to translatepliance requirements into technical actions
• Comfortable working in fast-paced, hands-on environments
• Strong problem-solving and attention to detail Job Summary Manage and coordinate a team of Security Managers and Engineers.

Ensure tight rigor and control over Security Operations and Audit processes. Major Tasks, Responsibilities, and Key Accountabilities Serves as an internal information security consultant to theanization. Effectively leads and or coordinates all internal dedicated security functions including but not limited to

• patching, anti-virus, intrusion prevention, CERT response, log file monitoring, cross division security coordination, systems operational security testing, rule set analysis, threat detection and adaptation, as well as advent security related functions.

Initiates activities to create information security awareness within theanization. Performs information security risk assessments, and acts as an internal auditor. Evaluates audit findings and drives remediation of identified control deficiencies. Reviews all system-related security planning throughout thework and acts as a liaison to information systems. Monitorspliance with information security policies and prores, addressing problems with the appropriate department manager or data owner. Oversees the security policy to ensure appropriateness. Provides training and consultation to ensure understanding of andpliance with established security standards and controls. Manages the Computer Security Incident Response Plan. Manages the Risk Program including coordination and follow-up of the semi-annual risk assessment and development and implementation of business unit policies and standards. Manages the business unit's audits and examinations. Works with management to put controls in place needed toply with SOX and PCI regulatory requirements. Nature and Scope Solutions require analysis and investigation. Achieves planned results by decisions and actions based on professional methods, business principles, and practical experience. May rmend/make decisions regarding new programs/initiatives that have significant impact to the business and carry consequences in unsuccessful endeavors. Manages a larger team or multiple small teams through direction of subordinate management and/or supervisory staff. Work Environment Located in afortable indoor area. Any unpleasant conditions would be infrequent and not objectionable. Most of the time is spent sitting in afortable position and t is frequent opportunity to move about. On rare occasions t may be a need to move or lift light articles. Typically requires overnight travel less than 10% of the time. Education and Experience Typically requires BS/BA in a related discipline. Generally 7+ years of experience in a related field. May require certification. Advanced degree may offset less experience in some disciplines. Our Goals for Diversity, Equity, and Inclusion We aremitted to creating a culture that promotes equity, respect, and advocacy for every HD Supply associate. We value the diversity of our people. Equal Employment Opportunity HD Supply is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status. Apply Now State ⌄ Alabama Alaska Arizona Arkansas California Colorado Connecticut Delaware District Of Columbia Florida Gia Hawaii Idaho Illinois Indiana Iowa Kansas Kentucky Louisiana Maine Maryland Massachusetts Michigan Minnesota Mississippi Missouri Montana Nebraska Nevada New Hampshire New Jersey New Mexico New York North Carolina North Dakota Ohio Oklahoma Oregon Pennsylvania Rhode Island South Carolina South Dakota Tennessee Texas Utah Vermont Virginia Washington West Virginia Wisconsin Wyoming Alberta British Columbia Manitoba New Brunswick Newfoundland and Labrador Nova Scotia Ontario Prince Edward Island Quebec Saskatchewan Northwest Territories Nunavut Yukon Please mention you saw this job on JobsInLogistics this job: