Hendrick Automotive Group Location: 6000 Monroe Rd, Charlotte, North Carolina 28212 Summary: The Information Security Manager will oversee a small team of Security Analysts and will play a critical role in developing and maintaining the company’s information security program. The position requires a solid technical expertise with SIEM, SOAR, Incident Response, and security controls and frameworks, along with a keen understanding of audits and compliance frameworks. The Manager will partner closely with both the IT department and business stakeholders to align security initiatives with our overall business objectives. Supervisory Responsibilities: This job has direct supervisory responsibilities. Essential Duties and Responsibilities include the following, and other duties may be assigned: Team Leadership & Management + Supervise, mentor, and develop a team of Security Analysts. + Provide technical guidance, set performance goals, and ensure ongoing professional growth for your team. + Advocate a collaborative, proactive security culture across the organization. Security Operations & Incident Response + Design, implement, and maintain security operations processes, procedures, and controls. + Oversee daily monitoring of SIEM and SOAR platforms, ensuring timely detection and response to security events. + Lead incident response efforts, coordinating investigation, containment, and remediation activities. + Continuously improve IR workflows to reduce incident impact and strengthen overall security posture. Security Controls & Governance + Develop and implement security control frameworks aligned with industry best practices and business needs. + Conduct periodic risk assessments, identify gaps, and drive remediation strategies. + Ensure compliance with relevant regulations, standards, and internal policies (GLBA, PCI, etc.) Audit & Compliance + Serve as a primary point of contact for all internal and external audits related to information security. + Collaborate with stakeholders to gather evidence, draft policy documents, and respond to audit requests. + Track and follow up on audit findings and corrective actions to maintain continuous compliance. Strategic Alignment + Work with key business units to align security initiatives with organizational goals. + Communicate security risks, strategies, and status updates effectively to executive leadership. Continuous Improvement + Stay current with emerging threats, vulnerabilities, and security trends. + Recommend and implement security solutions that enhance existing capabilities. + Foster relationships with third-party vendors and partners for specialized security needs. Qualifications: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with medical conditions to perform the essential functions. Desired Education: ☐ GED ☐ High School Diploma ☐ Associate Degree ☒ Bachelor Degree - In Computer Science, Information Technology, Cybersecurity, or related field (or equivalent experience). Desired Work Experience: ☐ up to 3 years ☐ 3-5 years ☒ 5+ years - Hands-on experience in information security, with at least 2+ years in a leadership or managerial capacity. Certificates and Licenses: ☒ CISSP, CISM, CRISC, or equivalent certifications. Technical Expertise: Experience with SIEM (e.g., Splunk, Rapid7, QRadar, or similar) and SOAR solutions. Proven track record in leading or supporting incident response activities. Working knowledge of security controls frameworks (e.g., NIST CSF, ISO 27001, CIS Controls). Familiarity with audit processes and compliance standards (e.g., PCI , SOC 2). Reasoning Ability: Ability to apply common sense understanding to carry out instructions. Ability to deal with complex situation situations. Ability to work in fast-paced environment with shifting priorities. Computer Skills: Advanced knowledge of Microsoft Office products. Advanced ability and knowledge of software programs used to support operations required for position. Math Ability: Ability to add, subtract, multiply and divide. Communication Skills: Ability to understand and follow instructions. Ability to communicate effectively with customers and company personnel in person and over the phone. Strong interpersonal and skills. Attendance Expectations: The position requires regular and predictable attendance at the Management Office. Scheduled shifts may include evening hours, weekends, and holidays. Physical Demands: While performing the duties of this job, the employee is regularly required to talk or hear. The employee is frequently required to sit; type on the computer, and speak over the phone. Environment Demands: Duties are primarily performed at a desk in the office environment. Work involves continuous contact and interaction with management office personnel. Work includes movement around facilities. Verbal and Writing Ability: Ability to read and comprehend instructions, correspondence, and memos. Ability to receive and communicate with management office personnel/vendors/teammates courteously, efficiently, and professionally. Employee must be able to display professional phone and email etiquette. This job description in no way states or implies that these are the only duties and responsibilities to be performed by this employee. The employee will be required to follow any other instructions and to perform any other duties and responsibilities upon the request of a supervisor. This job description is subject to revision at the discretion of the company. Hendrick is an Equal Opportunity employer. Minorities, women, veterans, and individuals with disabilities are encouraged to apply. For more information regarding the EEOC, please visit https://www.eeoc.gov/sites/default/files/2023-06/22-088\_EEOC\_KnowYourRights6.12ScreenRdr.pdf.