1

Information Security Manager Jobs in Rochester, NY

Senior Manager, Industrial Security Job Code: 39313 Job Location: Colorado Springs, CO or Rochester ... information security, document control, badging and access control. In addition, site leader will ...

next page

Showing results 1-20

Information Security Manager information

See Rochester, NY salary details

$61.7K

$134.3K

$197.4K

How much do information security manager jobs pay per year?

As of Jul 15, 2026, the average yearly pay for information security manager in Rochester, NY is $134,325.00, according to ZipRecruiter salary data. Most workers in this role earn between $109,100.00 and $158,400.00 per year, depending on experience, location, and employer.

What are some common challenges Information Security Managers face when implementing new security protocols within an organization?

Information Security Managers often encounter resistance to change from staff when introducing new security protocols, as these measures can sometimes disrupt established workflows. Balancing security requirements with business needs is also a frequent challenge, requiring negotiation and effective communication across departments. Additionally, staying ahead of constantly evolving threats and ensuring that all team members are properly trained can be demanding, but overcoming these challenges is crucial for maintaining a robust security posture.

What are the key skills and qualifications needed to thrive as an Information Security Manager, and why are they important?

To thrive as an Information Security Manager, you need a strong understanding of cybersecurity principles, risk management, and regulatory compliance, typically backed by a relevant degree and professional certifications like CISSP or CISM. Familiarity with security information and event management (SIEM) systems, vulnerability assessment tools, and incident response frameworks is essential. Leadership, strategic thinking, and excellent communication skills help you effectively manage teams and convey complex security concepts to stakeholders. These skills and qualities are crucial for protecting organizational assets, ensuring regulatory compliance, and maintaining business continuity.

What is the difference between Information Security Manager vs Security Analyst?

AspectInformation Security ManagerSecurity Analyst
CertificationsCISSP, CISM, CISACompTIA Security+, GIAC Security Essentials
Work EnvironmentOversees security policies, manages teams, strategic planningMonitors security systems, analyzes threats, implements security measures
Employer & Industry UsageUsed in organizations with dedicated security teams across industriesCommon in IT departments, security operations centers

The main difference is that the Information Security Manager focuses on strategic security management and team leadership, while the Security Analyst handles day-to-day security monitoring and threat analysis. Both roles require relevant certifications and are vital in maintaining organizational security, but they differ in scope and responsibilities.

What does an Information Security Manager do?

An Information Security Manager is responsible for overseeing an organization's information security program, ensuring that sensitive data is protected from threats such as cyberattacks and unauthorized access. They develop and implement security policies, conduct risk assessments, and manage teams to respond to security incidents. Information Security Managers also ensure compliance with relevant laws and regulations and regularly educate staff on best security practices. Their role is critical in maintaining the confidentiality, integrity, and availability of information assets.

What Is an Information Security Manager?

The job duties of an information security manager involve overseeing the effort to protect networks, computers, and data from cyber attacks, viruses, and other security breaches. In this career, your responsibilities include creating IT security features that can protect your company’s data. In addition to building systems to protect against hacking, you must also be ready to lead the response when a security breach occurs. As an information security manager, you are responsible for creating and implementing practices and policies that employees can use to protect their employer's networks and data.

What are the most commonly searched types of Information Security jobs in Rochester, NY? The most popular types of Information Security jobs in Rochester, NY are:
What are popular job titles related to Information Security Manager jobs in Rochester, NY? For Information Security Manager jobs in Rochester, NY, the most frequently searched job titles are:
What job categories do people searching Information Security Manager jobs in Rochester, NY look for? The top searched job categories for Information Security Manager jobs in Rochester, NY are:
What cities near Rochester, NY are hiring for Information Security Manager jobs? Cities near Rochester, NY with the most Information Security Manager job openings:
Infographic showing various Information Security Manager job openings in Rochester, NY as of July 2026, with employment types broken down into 1% As Needed, 72% Full Time, 24% Part Time, 1% Temporary, and 2% Contract. Highlights an 95% Physical, 1% Hybrid, and 4% Remote job distribution, with an average salary of $134,325 per year, or $64.6 per hour.
Senior Information Security Analyst

Senior Information Security Analyst

CooperVision

Victor, NY • On-site

Full-time

Re-posted 10 days ago


CooperVision rating

7.2

Company rating: 7.2 out of 10

Based on 12 frontline employees who took The Breakroom Quiz


Job description

Job Summary:
CooperVision is a leading global manufacturer of contact lenses dedicated to improving vision. The Senior Information Security Analyst provides advanced security expertise across the enterprise, partnering with various teams to define and maintain security architecture, streamline remediation of vulnerabilities, and improve Security Controls effectiveness.
Responsibilities:
• Provide leadership and direction for the integration of security culture and design within business and IT strategy; work with the Engineering teams to ensure that security considerations are included in systems architecture and help to identify, evaluate, and select security solutions to meet information security/compliance needs.
• Mentor and coach junior team members to develop well-rounded information security skill sets; promote a strong security culture and awareness across the organization.
• Work with compliance teams to ensure solutions meet security policies and procedures.
• Support compliance with relevant regulations and frameworks (e.g., SOX, HIPAA, PCI, GDPR, GLBA) and privacy laws; prepare for and participate in audits and examinations.
• Administer and tune security tools (e.g., SIEM, NAC, firewalls, IDS/IPS, secure email gateway) to ensure effective monitoring and detection while enabling business operations.
• Partner with Security Engineers to ensure security-by-design in systems architecture and delivery of secure solutions; participate in change/project management to validate secure designs and implementations.
• Define and maintain enterprise security documents (policies, standards, baselines, guidelines, and procedures) and provide detailed hardening guidance to technical teams.
• Prioritize vulnerability assessment output based on exploitability, impact, and likelihood; coordinate remediation across infrastructure, endpoints, applications, and cloud services.
• Support compliance with relevant regulations and frameworks (e.g., SOX, HIPAA, PCI, GDPR, GLBA) and privacy laws; prepare for and participate in audits and examinations.
• Design, scope, and lead deep technical assessments on internal and external systems.
• Define incident response playbooks for IT and Information Security personnel to follow when responding to common issues (e.g., malware infection, phishing, etc.)
• Act as a Subject Matter Expert within all Information Security disciplines.
• Coordinate and help implement significant security projects
• Contribute to Business Continuity and Disaster Recovery planning and exercises in coordination with IT and continuity team
• Influence and communicate business risk and recommended mitigations to technical and non-technical audiences; document clearly for management and stakeholders.
• Handle sensitive/confidential information, investigations, and incidents in a professional and confidential manner.
• Perform other duties as assigned.
Qualifications:
Required:
• Expert knowledge of security frameworks and concepts such as NIST 800-53, ISO 27001, CIS Critical Controls, the Cyber Kill Chain, MITRE ATT&CK, and OWASP.
• Have in-depth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls.
• Deep understanding of enterprise infrastructure and security technologies including network switches/routers, firewalls/VPN, DLP, anti-malware, IDS/IPS, SIEM, SMTP/email security, Active Directory/Group Policy, DNS, DHCP, VLANs, and content filtering.
• Experience with traditional and modern security controls such as SIEM, IDS/IPS, PKI, IAM, antivirus/firewalls, EDR, threat intelligence, security automation/orchestration, deception, and application controls.
• Ability to conduct vulnerability scanning and penetration testing; incident response and digital forensics.
• Experience developing policies, procedures, standards, and guidelines.
• Strong analytical, strategic, and tactical thinking; ability to communicate business risk effectively and drive nuanced solutions without impeding innovation.
• Understanding of common cloud platforms and how to secure them; experience with AWS and/or Azure is a plus.
• Ability to interact with Cooper personnel and build strong relationships at all levels, and across all business units and organizations, and to understand business imperatives.
• Strong leadership abilities, with the capability to develop and guide information security team members and IT operations personnel, and to work with minimal supervision.
• Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, project and application development teams, management, and business personnel.
• 5-10 years of professional IT experience; 3-6 years specifically in Information Security, including work with geographically dispersed teams.
• Experience supporting audits and meeting regulatory requirements (SOX, HIPAA, PCI, GDPR, GLBA).
• Bachelor’s degree in computer science, information assurance/cybersecurity, MIS, or equivalent experience.
Preferred:
• Professional certifications such as GIAC (e.g., GSEC/GCIA), CISSP, CISM, Cisco Security or similar are preferred.
Company:
CooperVision is one of the world’s leading manufacturers of soft contact lenses and related products and services. It is a sub-organization of The Cooper Companies. Founded in 1980, the company is headquartered in Fairport, USA, with a team of 5001-10000 employees. The company is currently Late Stage.

What CooperVision employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom