
Bestpass by Fleetworthy · 17 hours ago

Security Manager

Bestpass, now rebranded as Fleetworthy, is focused on enhancing fleet safety, compliance, and toll management. They are looking for a Security Manager to lead their security and compliance program, which includes overseeing risk assessments, compliance audits, and the development of security policies.

Information Technology · Railroad · Software · Transportation
Growth Opportunities
H1B Sponsor Likely

Responsibilities

Define, maintain and evolve a risk-based security strategy and roadmap aligned to business objectives
Lead formal risk assessments, maintain a risk register, and prioritize remediation by business impact and likelihood
Translate risk decisions into measurable security initiatives and KPIs
Own end-to-end ISO 27001 and SOC 2 programs and ensure timely completion of annual audits (internal and external)
Coordinate audit planning, evidence collection, remediation tracking, and auditor liaison
Maintain policy acceptance and staff compliance using our GRC platform. Drive attestations, exceptions, corrective actions, and reporting
Prepare readiness assessments, internal audit schedules, and continuous monitoring to maintain certification and attestations
Host Incident Response Tabletops aligned with our ISMS IR policy
Create, revise and operationalize security policies, standards and procedures to ensure they are functional, enforceable, and compliant with ISO 27001, SOC 2 and applicable laws/regulations
Ensure policies reflect operational realities (performance, availability, business workflows) while meeting security and compliance objectives
Run the policy lifecycle: drafting, stakeholder review, approval, publishing, implementation, training and periodic review
Serve as the company’s primary internal and external representative for security concerns, events, and incident response activities
Oversee vulnerability management, patching, endpoint protection, identity & access management, and cloud security controls across on-prem and cloud environments in collaboration with our IT Support team
Define security requirements and review system designs, including cloud (AWS/Azure/GCP) and hybrid architectures
Partner with IT and Development to ensure secure system configuration, logging, monitoring, and incident readiness
Lead security incident response coordination, post-incident reviews and remediation ownership
Mentor and grow security team members; set clear objectives and career development plans
Act as the security liaison to the business to align security with business priorities
Oversee third-party/vendor risk assessments and security requirements for procurement
Meet with customers to address security & compliance questions
Own budgeting and sourcing of security tools and services
Execute other duties typical of a security manager as required

Qualification

ISO 27001 · SOC 2 · Risk management · Cloud platforms · GRC platforms · Policy management · Communication skills · Team leadership

Required

5+ years of hands-on security experience with at least 2 years in a security leadership or manager role
Demonstrated experience owning ISO 27001 and SOC 2 programs, including successful audit cycles and remediation
Strong practical knowledge of risk management frameworks and a documented, risk-based decision process
Hands-on familiarity with cloud platforms (AWS, Azure), identity & access management, endpoint protection, SIEM/EDR and vulnerability scanning
Experience with GRC platforms and running policy attestation workflows (e.g., Drata, Vanta, etc.)
Excellent written and verbal communication skills. Ability to author clear, enforceable policies and communicate risk to technical and executive audiences
Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience)

Preferred

Professional certifications such as CISSP, CISM, CISA, or ISO 27001 Lead Implementer/Auditor
Prior experience supporting hybrid environments (on-prem + cloud) and virtual infrastructure (VMware)
Familiarity with SOC 2 auditor expectations, control mapping, and evidence generation
Experience with automation, scripting, and security tooling integrations

Company

Bestpass by Fleetworthy

Bestpass is now part of Fleetworthy.

H1B Sponsorship

Bestpass by Fleetworthy has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for reference. (Data powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships: 2023 (3), 2020 (1)

Funding

Current Stage: Late Stage
Total Funding: $0.01M
Key Investors: Insight Partners, Susquehanna Growth Equity
2023-06-06 · Private Equity
2023-05-26 · Debt Financing · $0.01M
2018-01-01 · Private Equity

Leadership Team

Tom Fogarty, Chief Executive Officer
Company data provided by crunchbase