Search all jobs
Browse jobsChicago, IL › Information Security Manager

Information Security Manager

Beyondfinance · Chicago, IL (Hybrid) · Posted Jul 8, 2026

Apply on company site   Track it in JobSkout

At Beyond Finance, we've made it our mission to help everyday Americans escape the endless cycle of crippling debt and step into a brighter financial future. Through compassionate, individualized care, a culture focused on compliance and ethics, supportive user-centric technology, and customized financial solutions, we've helped over 1 million clients on their path to a brighter future.

While we're proud of what we've already accomplished, we're searching for new collaborators to help us get to the next level! If you're looking to join a forward-thinking, rapidly growing organization with helping people as its number one goal, we want to hear from you.

The Role

As the Information Security Manager, you will lead our security operations function, the team responsible for monitoring the environment, triaging security signals across cloud and endpoints, running the company's Insider Risk program, and owning initial vulnerability triage. You have a demonstrated track record of relentlessly pursuing high security standards and holding your team accountable to them. You will manage analysts who serve as the first line of detection for the security organization, ensuring threats are identified, sized, and routed with the right context and urgency. Your primary objective is to build a disciplined, high-signal operations function that drives down dwell time and keeps the broader security team focused on the most impactful work.

Key Responsibilities

Security Operations Ownership: Own the day-to-day function of the team — alert triage, signal prioritization, and escalation workflows. Ensure the team operates consistently and with a clear sense of urgency.

SIEM Detection Management: Own SIEM operations hands-on — including log source onboarding, pipeline configuration, parsing, detection coverage, rule tuning, and alert fidelity. Ensure the team is operationalizing threat intelligence and not just reacting to whatever fires first.

Cloud Endpoint Signal Triage: Oversee triage of security signals sourced from cloud infrastructure, endpoint detection, and network controls. Separate noise from meaningful findings and ensure high-fidelity signals reach the right team with full context.

Incident Response Ownership: Own the incident response function end-to-end — from initial escalation through containment, cross-functional coordination, and post-incident review. Ensure findings drive detection improvements and close the loop with Security Engineering where remediation is required.

Insider Risk Program: Lead the Insider Risk process end-to-end — from identifying coverage gaps across cloud and endpoint environments, to behavioral monitoring and DLP signal review, through investigation, escalation, and case closure.

Vulnerability Triage: Own initial triage and prioritization of vulnerability findings. Size risk, assign severity, and route to Security Engineering with the context needed to make prioritization decisions.

Team Leadership: Lead and develop a team of security analysts, managing performance and growth while building a culture of rigor and ownership.

Cross-Functional Partnership: Act as a key interface between the security function and the broader business. Work directly with HR and Legal on Insider Risk cases that require cross-functional handling, and engage with business leadership to communicate risk, provide operational context, and ensure security decisions are grounded in business impact.

Skill Requirements

5+ years of hands-on experience in security operations, incident response, or a SOC environment

Direct people management experience with analysts or security operations staff

Technical depth in SIEM platforms — log ingestion, pipeline and parsing configuration, detection engineering, and alert tuning

Demonstrated experience running or contributing to an Insider Risk or DLP investigation program, with the technical understanding to identify coverage gaps across cloud and endpoint environments

Working knowledge of vulnerability triage and risk prioritization — CVSS, asset context, business impact

Ability to triage and contextualize signals from cloud infrastructure and endpoint tooling

Clear communicator who can size and convey risk across technical and non-technical audiences

Desirable Skills

Experience with cloud-native security tooling and CSPM/CWPP signal interpretation

Familiarity with phishing triage and email security investigation workflows

Exposure to threat intelligence operationalization — consuming feeds and translating them into detection coverage

Experience operating within a multi-team security model with defined handoff processes between operations, engineering, and GRC functions

The Ideal Candidate You run a tight operation and you're still technical enough to get your hands dirty. You've built or managed SOC workflows before and know the difference between a high-fidelity detection program and an alert noise machine. You take Insider Risk seriously — you understand t…

Apply on company site