IT and Security Manager

Country:  United States
Position Location:  New York, NY / Iselin, NJ / Los Angeles, CA / Seat
Contract Type:  Regular (US only)
Work Pattern:  Full Time
Sector:  Corporate services
Discipline:  Information technology
Job Ref:  2063
Recruiter Contact:  Sofiya Bula

The Regional IT and Information Security Manager is responsible for implementing a mature approach to IT and Information Security within the region. This involves building strong relationships with regional management, Project teams, and the Group IT and Information Security function to effectively manage technology and information security risks. Additionally, the role includes ensuring that information security is integrated into the regional work culture and providing support to clients, partners, and employees to fulfill their information security responsibilities.

As a member of the regional digital team, the Regional IT and Information Security Manager will develop a deep understanding of the regional business needs and identify opportunities to improve the use of technology and the information security of digital solutions. The role also involves promoting awareness of IT and information security within the regional business to influence a positive digital culture.

Key Responsibilities:
•    Build strong relationships with regional management, Project teams, and the Group IT and Information Security function to effectively manage technology and information security risks.
•    Lead a regional team of technology and information security professionals by fostering a culture of continuous learning and professional growth.
•    Effectively communicate technical and behavioural information security requirements, along with their underlying rationale and benefits.
•    Consult and agree on the design and implementation of the regional information security program with the Group Head of IT and Information Security.
•    Manage regional information security risks and implement risk mitigation plans as agreed with the Group Head of IT and Information Security.
•    Lead regional information security incident management and response activities.
•    Develop regional IT and information security metrics and reporting frameworks.
•    Implement measurable security awareness and training programs.
•    Conduct ISO27001 audits and evaluate the alignment of security controls as defined in the Information Security Management System (ISMS).
•    Collaborate with group and regional management to formulate and implement regionally specific information security policies and standards.
•    Ensure completion of mandatory training and maintain high levels of information security awareness by curating regionally appropriate content and organising regular communications for employees at all levels.
•    Guide client-facing project managers in completing Information Security Risk Assessments and ensure that the appropriate information security controls are implemented.
•    Provide responses to customer security questionnaires and coordinate agreed security controls for high-risk regional suppliers, partners, and subconsultants.
•    Maintain existing information security certifications for the region and work with regional management to ensure compliance with relevant information security standards and the ISMS.
•    Provide architectural and security guidance on new and innovative digital infrastructure (IT) solutions that enable the achievement of business and Digital objectives.
•    Ensure all regional digital infrastructure (IT) support needs are met through timely incident resolution, request fulfilment and by guaranteeing all service delivery targets are achieved.
•    Manage all regional onboarding and offboarding activities.
•    Manage the lifecycle of all regional Digital assets.


Essential Candidate Requirements:
•    Understand group and regional business operations and analyse information security risks.
•    Communicate complex information security issues in an easily understandable manner.
•    Build credibility and relationships with stakeholders, including regional management and external information security authorities.
•    Be a confident self-starter with strong communication skills and a commitment to high standards of ethics and compliance.
•    Collaborate with the regional business stakeholders, IT and Information Security function, Digital Solutions teams, and Project teams to communicate information security requirements and identify areas for improvement.
•    Influence and manage expectations of multiple business stakeholders and support IT service roadmaps.
•    Leverage existing relationships to move forward with business and IT initiatives and represent the technology requirements of the business.
•    Contribute to the digital success of the business and the adoption of the secure use of technology using knowledge of the business, industry, and leading digital services.
•    Take a leadership role in implementing and educating on information security and effectively communicate information security requirements and their benefits.


Qualifications and Certifications:

  • Possess a degree in information security, technology or engineering or have relevant industry experience.
  • Hold ITIL V4 Foundation and Project Management certification (Prince2 or PMP), strongly preferred.
  • Hold relevant information security certification (e.g. CGEIT, CISSP, CISM, CRISC, CCISO, CISA), strongly preferred.
  • Other professional IT certifications are desirable.

Knowledge and Experience:

  • Proven ability to design and execute a regional information security program and manage information security risks.
  • Have experience in information security, risk management, technology, and compliance.
  • Deep understanding of information security principles, best practices, and frameworks, including ISO27001, NIST and Cyber Security Framework.
  • Experience developing information security metrics and implementing information security awareness and training programs.
  • Demonstrable experience in a senior role with a deep understanding of information security and technology and its application to business.
  • Knowledge of business operations in a large multinational or global organisation.
  • Ability to influence key stakeholders and facilitate change management.
  • Knowledge of core business processes and strategic use of technology to optimise business objectives.

Personal Attributes:

  • Highly motivated and self-directed, able to prioritise and execute under pressure.
  • Strong customer service orientation and interpersonal skills.
  • Ability to communicate complex issues in clear, concise language.
  • Adaptable and flexible, able to adjust to new situations and changing priorities.
  • Experienced in relationship management.

Salary Range: $160,000-$175,000 USD

Benefits: 401k, medical, dental and vision insurance, STD/LTD disability, holiday, PTO, parental leave and company paid life insurance


Equality, diversity and inclusion

We put equality, diversity, and inclusion at the heart of our business, seeking to promote fair employment procedures and practices to ensure equal opportunities for all. We encourage individual expression in our workplace and are committed to creating an inclusive environment where everyone feels they have the opportunity to contribute.


Equal employment opportunity is the law. 

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, creed, marital status, sexual orientation, gender identity, citizenship status or disability status.


Hybrid working policy

At Mott MacDonald, we believe it makes business sense for you and your manager to choose how you can work most effectively to meet your client, team, and personal commitments. We offer a hybrid working policy that embraces your well-being, flexibility, and trust.


More about Mott MacDonald

We’re a global engineering, management and development consultancy.

Our purpose is to improve society by considering social outcomes in everything we do, relentlessly focusing on excellence and digital innovation, transforming our clients’ businesses, our communities and employee opportunities.

A fundamental part of this is respecting each person’s differences and striving to meet their needs.

Our values: progress, respect, integrity, drive, excellence
