CSIRT/SOC Senior Manager, Information Security

Deluxe is looking for a seasoned leader with proven experience in both Incident Response and Security Operation Management.

The Senior Manager, Information Security leads a high-performing team to design, implement, and manage enterprise-wide security strategies and solutions. This role will drive the development and implementation of scalable security solutions, ensuring alignment with business objectives and regulatory requirements while driving innovation and continuous improvement.  The position requires strong leadership, technical expertise, and cross-functional collaboration to protect the organization’s digital assets and support business objectives.

• Proven leadership in leading, managing and coordinating incident response, security operations, and cyber threat intelligence programs to proactively detect, respond to, and mitigate complex cyber threats across diverse enterprise environments
• Develop, communicate, and execute security strategies aligned to business objectives.  Serve as a key security liaison, embedding secure design principles, access control frameworks, and risk mitigation practices into cross-functional initiatives, projects, and enterprise transformations.
• Lead and manage a high-performing security team, overseeing hiring, training, performance management, career development, and budgeting, while developing and tracking KPIs/KRIs to measure security posture and report progress to senior leadership.
• Develop and maintain security reference architectures, standards, and roadmaps for applications, cloud, and enterprise systems.  Guide secure development practices, threat modeling, and integration of security tools (e.g., SAST, DAST, SIEM) into DevSecOps pipelines and cloud environments.  Ensure alignment with enterprise identity strategies and access control frameworks to support secure, scalable, and compliant solutions.
• Maintain deep knowledge of security principles, frameworks (NIST, ISO 27000), and regulatory landscapes (PCI, SOX, GDPR, SOC2). Conduct risk assessments across application, infrastructure, and identity domains; support audits, and regulatory compliance efforts.
• Stay current on emerging threats and technologies, lead PoCs, and drive adoption of modern security practices and tools. Familiarity with modern cloud environments. Strong stakeholder management across technical and non-technical teams. Experience managing cross-functional projects and delivering measurable risk reduction.

Basic Qualifications:

• Bachelor’s degree in Computer Science, Information Security, or a related field
• 10+ years of progressive InfoSec experience, including 3+ years in a leadership or management role
• At least one relevant security certification (e.g., CISSP, CISM, or equivalent)
• Strong knowledge of security frameworks such as NIST and ISO 27000 series
• Proven success designing, implementing, or overseeing enterprise-scale security solutions
• Must be 18 years of age or older

Preferred Qualifications:

• Master’s degree in Cybersecurity, Information Security, or a related technical field.
• 12+ years of progressive Information Security experience, including 10+ years of hands-on penetration testing or equivalent expertise.
• Strong understanding of regulatory/compliance standards (PCI-DSS, SOX, HIPAA, GDPR, SOC 1/2) and experience in highly regulated industries (financial services, healthcare, government).
• Experience presenting to Audit Committees or regulators.
• Direct experience with secure software development, threat modeling, and risk assessments across complex application environments.
• Hands-on expertise in cloud security (AWS, Azure, GCP), computer forensics, ethical hacking, network exploitation, penetration testing, and security tool development.
• Development experience in one or more languages: .NET, Java, Perl, Python.
• One or more industry-recognized certifications: CISSP, CISM, SABSA, TOGAF, OSCP, GWAPT, TOGAF, or cloud security certifications: (e.g., AWS Security Specialty, Azure Security Engineer)
• Proven ability to assess and design secure architectures.

Compensation

The compensation range for this position is $140,000.00 - $175,000.00 annually. This position will be eligible for commission or an annual performance incentive plan. The base pay actually offered will vary depending on job-related knowledge, skills, location, experience and take into account internal equity.

Benefits

In line with our commitment to employee wellbeing, our total rewards benefits package is designed to support the physical, financial, and emotional health of our employees, tailored to meet their unique and evolving needs. Our approach considers our employees’ whole selves, ensuring they can thrive both in and outside of work. Here are some of the benefits we offer, which may vary based on role, location, or hours worked:

• Healthcare (Medical, Dental, Vision)

• Paid Time Off, Volunteer Time Off, and Holidays

• Employer-Matched Retirement Plan

• Employee Stock Purchase Plan

• Short-Term and Long-Term Disability

• Infertility Treatment, Adoption and Surrogacy Assistance

• Tuition Reimbursement

These benefits are designed to enhance the health, protect the financial security, and provide peace of mind to our employees and their families.

Deluxe Corporation is an Equal Employment Opportunity employer:
All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, disability, sex, age, ethnic or national origin, marital status, sexual orientation, gender identity or presentation, pregnancy, genetics, veteran status or any other status protected by state or federal law.
 

Please view the electronic EEO is the Law Poster which serves to inform you of your equal employment opportunity protections as part of the application process.