Information Security Manager

Information Security Manager at Colas USA Colas IS Support is the information technology arm of the North America business for Colas and is based in Denver, Colorado. Colas ISS strives to make Colas an industry leader through developing custom mobile applications and business intelligence tools, supporting core applications, maintaining our infrastructure, and much more. Through a partnership with the Colas Companies in the USA & Canada Colas IS Support helps empower our employees for success while also providing direct contact with users and other innovators across the organization.

$130,500 – $159,500 USD (Compensation based on experience)

• Develop, implement, and maintain the information security strategy, ensuring the confidentiality, integrity, and availability of company data and systems.
• Oversee and enforce security policies, procedures, and standards aligned with the NIST Cybersecurity Framework (CSF).
• Recruit, train, and mentor security team members, and manage relationships with external vendors.
• Adapt global security procedures to meet the needs of North American users and systems.
• Champion North American priorities within the global security team, influencing programs and projects.
• Lead vulnerability management, risk assessments, and incident response planning.
• Coordinate North American IT teams during cybersecurity incidents.
• Prepare and present regular reports on security operations and projects to senior management.
• Ensure compliance with relevant laws, regulations, and frameworkse.g., CMMC, privacy and AI laws).
• Oversee audits, analyze gaps, design remediation plans, and ensure closure of actions.
• Help define budgets for security operations and monitor expenses.
• Analyze data to propose security improvements for North American systems.

• Bachelor’s degree in Computer Science, Information Security, or related field (Master’s preferred).
• Minimum 6 years of information security experience, with at least 3 years in a leadership or managerial role.
• At least 2 years of experience working in a matrixed environment within a large organization.
• Preferred certifications: CISSP, CISM, or equivalent.
• Deep knowledge of security technologies (network, endpoint, email, identity & access management, application, data security).
• Experience with cloud infrastructure security (Azure preferred; OCI, AWS, Google also valued).
• Strong understanding of security frameworks and best practices (NIST CSF, CMMC, ISO 27001).
• Regulatory compliance, risk management, and audit process expertise.
• French language skills are a plus.

• Excellent communication: Able to convey complex security concepts to technical and non‑technical audiences.
• Collaborative mindset: Works effectively with cross‑functional teams.
• Leadership: Guides and mentors team members, manages vendors, and influences decision‑making.
• Critical thinking and business acumen: Balances cybersecurity strategy with business goals.
• Time management and empathy: Prioritizes tasks and fosters a security‑conscious culture.

• Remote work: Fully remote within the continental United States.
• Travel: Occasional travel may be required, including international trips.
• Employment requirements: Must be legally authorized to work in the United States. Pre‑employment criminal background check and drug screening required.
• Physical requirements: Prolonged computer use, basic hand‑eye coordination, and occasional travel.

Colas Inc. and its subsidiaries are an equal opportunity employer. For details on the specific commitment, please view the EEO document. If you are an individual with a disability and require a reasonable accommodation to:

• meet the requirements of the role in which you are applying
• complete any part of the application process
• access or use the online application process and need an alternative method for applying

Please contact Colas Inc. at 973‑290‑9082 or send an email to ColasRecruiter@colasinc.com.