1

Information Security Jobs (NOW HIRING)

Information Security

Hanover, MD · On-site

$103K - $218K/yr

Information Security Job Category: Security Time Type: Full time Minimum Clearance Required to Start: TS/SCI with Polygraph Employee Type: Regular Percentage of Travel Required: None Type of Travel:

Create an information security improvement plan and implement the plan by closely collaborating with other internal IT teams. Create and maintain information security score card. Establish ...

The role involves building and operating modern Information Security practices, conducting risk assessments, policy creation, and managing security technologies and processes. Responsibilities : • ...

Information Security Analyst Location: Beaverton, Oregon (On-Site) Job Summary: We are seeking an experienced information security professional to support risk assessments, control validation, and ...

New

The Information Security Engineer is a highly experienced, hands-on technologist with a professional foundation in network engineering, systems engineering, software development, cloud infrastructure ...

About the Role Our business is growing and we need an experienced Information Security engineer to join our Global Technology Security team with a proven track record of building/operating in a ...

About the Role Our business is growing and we need an experienced Information Security engineer to join our Global Technology Security team with a proven track record of building/operating in a ...

next page

Showing results 1-20

Information Security information

See salary details

$62.5K

$136.1K

$200K

How much do information security jobs pay per year?

As of Jul 11, 2026, the average yearly pay for information security in the United States is $136,104.00, according to ZipRecruiter salary data. Most workers in this role earn between $110,500.00 and $160,500.00 per year, depending on experience, location, and employer.

What is information security?

Information security, often abbreviated as InfoSec, refers to the processes and tools designed to protect sensitive business and personal information from unauthorized access, use, disclosure, disruption, modification, or destruction. It encompasses various practices such as risk management, access control, encryption, and incident response to ensure data confidentiality, integrity, and availability. Professionals in this field work to safeguard digital and physical information against threats like cyberattacks, data breaches, and insider threats.

What is the difference between Information Security vs Network Security?

AspectInformation SecurityNetwork Security
CertificationsCompTIA Security+, CISSP, CISMCompTIA Security+, Cisco CCNA Security
Work EnvironmentProtects data across entire organization, including policies and proceduresFocuses on securing network infrastructure and devices
Employer & Industry UsageUsed across all industries to safeguard information assetsPrimarily in IT and networking sectors
Common Search & ComparisonOften compared for broad security rolesMore technical, network-focused roles

Information Security encompasses protecting all organizational data, policies, and systems, while Network Security specifically targets securing network infrastructure and communications. Both roles often overlap but differ in scope and focus, with Information Security providing a broader security strategy and Network Security concentrating on network-specific defenses.

What does an information security job do?

An information security job involves protecting computer systems, networks, and data from cyber threats and unauthorized access. Professionals in this field implement security measures, monitor for breaches, and respond to security incidents, often using tools like firewalls, encryption, and intrusion detection systems. Certifications such as CISSP or CompTIA Security+ are common in this role.

How does an Information Security professional typically collaborate with other departments within an organization?

Information Security professionals frequently work cross-functionally, partnering with IT, legal, HR, and compliance teams to ensure organizational data and systems are protected. They may provide training sessions, develop security policies, and assist other departments in recognizing and mitigating risks. Effective communication and relationship-building skills are key, as they must translate technical security requirements into practical guidelines for non-technical staff. This collaborative approach helps foster a security-minded culture across the organization.

Is a 2 year degree in cyber security worth IT?

A two-year degree in cybersecurity can provide foundational knowledge and skills relevant to information security roles, often serving as a stepping stone to entry-level positions. However, many employers also value certifications like CompTIA Security+ or hands-on experience, and some roles may require a bachelor's degree for advancement.

What are the key skills and qualifications needed to thrive as an Information Security professional, and why are they important?

To thrive as an Information Security professional, you need a solid understanding of network security, risk assessment, and cybersecurity principles, often backed by a degree in computer science or related field. Familiarity with security tools like firewalls, intrusion detection/prevention systems, and certifications such as CISSP or CompTIA Security+ are commonly required. Strong analytical thinking, attention to detail, and effective communication skills set top performers apart. These competencies are crucial for identifying threats, protecting sensitive data, and ensuring organizational resilience against cyberattacks.

Is 40 too old for cyber security?

Information security professionals can start or transition into the field at any age, as success depends on skills, certifications, and experience rather than age. Many individuals successfully enter cybersecurity later in their careers by acquiring relevant knowledge, such as CompTIA Security+ or CISSP, and staying current with industry tools and trends.

What Are Information Security Jobs?

Information security jobs are jobs in which your primary responsibilities are to ensure an organization or business has the proper IT and cybersecurity protocols in place. Some specific job titles for working in information security include information security analyst, information security specialist, and security manager. Your specific duties differ by position. Specialists and analysts often research and review information security practices and analyze weak spots in an organization’s infosec. Managers and implementation specialists identify methods for improving system security and implement these protocols, ensuring proper documentation of changes. Some analysts monitor security systems and prevent unauthorized access to data.

Can I make $200,000 a year in cyber security?

Information security professionals, especially those in senior roles such as security architects or managers, can earn $200,000 or more annually, particularly with extensive experience, advanced certifications like CISSP, and in high-demand industries. Entry-level or mid-tier positions typically have lower salaries, but with specialization in areas like penetration testing or cloud security, higher earnings are achievable.
What cities are hiring for Information Security jobs? Cities with the most Information Security job openings:
What are the most commonly searched types of Information Security jobs? The most popular types of Information Security jobs are:
What states have the most Information Security jobs? States with the most job openings for Information Security jobs include:
Infographic showing various Information Security job openings in the United States as of July 2026, with employment types broken down into 50% Full Time, and 50% Contract. Highlights an 100% In-person job distribution, with an average salary of $136,104 per year, or $65.4 per hour.
Information Security Manager

Information Security Manager

REV Federal Credit Union

Summerville, SC • On-site

Full-time

Re-posted 8 hours ago


Job description

Position Purpose
The Information Security Manager is responsible for implementing and overseeing the credit union's enterprise-wide information security / cyber security program ("Information Security Program") and will act as the designated Information Security Officer of the credit union. The position will serve as a process owner and strategic leader of the Information Security Program, ensuring that the program aligns with the vision, mission and business plans. This role is accountable to complete all assigned compliance and information security training and comply with the credit union's policies and procedures related to the Bank Secrecy Act and Office of Foreign Assets Control (OFAC).
Duties & Responsibilities
Assumes responsibility for the execution of the Information Security Program:
  • Create and complete comprehensive risk assessments and cybersecurity assessment tools in line with industry best practices.
  • Perform firewall configuration and/or modifications, as needed.
  • Monitor network resources, including but not limited to firewall, virus, and spyware protection, analyze and investigate security events and respond to incidents.
  • Perform network device hardening in alignment with industry best practices.
  • Validate server and endpoint hardening activities and provide direction according to industry best practices.
  • Perform network analysis, as needed.
  • Work with internal and external auditors and engage productively with regulatory examiners to provide program documentation and resolve and remediate findings.
  • Create and maintain policies and procedures in support of the Information Security Program.
  • Manage the enterprise system logging program, develop controls for system monitoring and alerting, interpret the log activities, develop plans for remediation efforts and report results to management.
  • Lead the credit union's incident response efforts, including testing, plan creation, communication with management and the Board of Directors (when needed), utilization of external and internal resources, notification of impacted members and regulatory authorities, documentation of all efforts and conducting lessons learned to ensure improvements are made to the program.
  • Implementing a comprehensive training and awareness program for all employees and volunteers, tracking compliance and understanding and reporting on key training metrics.
  • Prepare and present quarterly and annual information security reports as directed by management and the Board of Directors.
  • Actively engage, participate and support the Enterprise Risk Management Program, including ensuring consistency in reporting, risk assessments and communications.
  • Prepare a detailed budget for all expenses associated with the Information Security Program.
  • Review the information security and business resiliency documentation for vendors that are deemed high risk and those that have access to, store or transmit non-public personal information of members and employees.
  • Review contracts with third-party vendors for agreeable terms associated with cyber security and offer input and guidance to key stakeholders during the contract review process.
  • Assist with the due diligence reviews of new vendors and the setup and implementation of new and existing systems and software.
  • Assist with the development and maintenance of the credit union's Business Continuity Plan and business impact analysis.
  • Develop strong working relationship with management and Team Members to develop and implement controls and configurations aligned with information and cybersecurity policies and legal, regulatory and audit requirements.
  • Serve as the Information Security Officer and Privacy Officer of the credit union.
  • Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and follow policies and audit requirements.
  • Assess current and emerging threats, cyberattacks and vulnerabilities and effectively communicate recommended actions and strategies to management.
  • Maintain thorough knowledge of and ensure compliance with applicable federal and state laws, rules, regulations, REV policies and procedures, and service level agreements.
  • Manage the credit union's data classification system.
  • Define and report on key metrics to demonstrate the strength, progress and success of the Information Security Program.

Assumes responsibility for the role of the information security risk management function in various credit union efforts:
  • Collaborate effectively with other credit union leaders to support credit union projects.
  • Research and implement new processes and technology to improve operational efficiency.
  • Provide training as needed for the effective implementation of information security best practices.

Assumes responsibility for complying with applicable regulations:
  • Responsible for supporting compliance of all applicable laws and regulations that the credit union is subject to.

Assumes responsibilities for related duties as required or assigned.
Skills & Qualifications
Education/Certification & Experience:
  • A minimum of eight (8) years' experience in an information technology security role, with experience in financial services preferred.
  • Information security industry certification (CISSP, SSCP, GIAC, GSEC, Security+, CITSM, CISA, etc.) strongly preferred.
  • Clear understanding of the OSI model.
  • Demonstrated experience developing thorough risk assessments and completing cybersecurity assessment tools.
  • Strong familiarity and experience with industry-recognized information security management frameworks, such as NIST, ISO 2700x, ITIL and COBIT, and current security tools and applications.
  • Intermediate experience with scripting and/or programing and the ability to read and review software code.
  • Experience working with legal, audit and compliance staff.
  • Proven experience in reading and interpreting compliance rules, regulations and regulatory guidance, including the GBLA, FFIEC and PCI.

Skills/Abilities:
  • Proven ability to create, comprehend, analyze, and interpret complex rules, regulations and regulatory guidance.
  • Proven ability to write reports, assessments, procedures, and policies.
  • Proven ability to conduct financial and business analyses.
  • Proven ability to solve advance problems and deal with a variety of options in complex situations.
  • Proven strong analytical and quantitative skills.
  • Proven strong Microsoft Office Suite product skills and project management software skills.
  • Proven ability to collaborate with a variety of leaders.
  • Proven ability to negotiate effectively with key employees, senior management, and vendors.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities:
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
This employer is required to notify all applicants of their rights pursuant to federal employment laws.
For further information, please review the Know Your Rights notice from the Department of Labor.