Granite delivers advanced communications and technology solutions to businesses and government agencies throughout the United States and Canada. We provide exceptional customized service with an emphasis on reliability and outstanding customer support and our customers include over 85 of the Fortune 100. Granite has over $1.85 Billion in revenue with more than 2,100 employees and is headquartered in Quincy, MA. Our mission is to be the leading telecommunications company wherever we offer services as well as provide an environment where the value of each individual is recognized and where each person has the opportunity to further their growth and achieve success.

Granite has been recognized by the Boston Business Journal as one of the "Healthiest Companies" in Massachusetts for the past 15 consecutive years. Our offices have onsite fully equipped state-of-the-art gyms for employees at zero cost. Granite's philanthropy is unparalleled with over $300 million in donations to organizations such as Dana Farber Cancer Institute, The ALS Foundation and the Alzheimer's Association to name a few. We have been consistently rated a "Fastest Growing Company" by Inc. Magazine. Granite was named to Forbes List of America's Best Employers 2022, 2023 and 2024. Granite was recently named One of Forbes Best Employers for Diversity.

Our company's insurance package includes health, dental, vision, life, disability coverage, 401K retirement with company match, childcare benefits, tuition assistance, and more. If you are a highly motivated individual who wants to grow your career with a fast-paced and progressive company, Granite has countless opportunities for you.

EOE/M/F/Vets/Disabled

General Summary of Position:
The Manager of Information Security leads Granite's enterprise security program, ensuring the protection of corporate systems, applications, cloud platforms, and data across the entire business. This role drives the strategy, implementation, and continuous improvement of security policies, controls, and processes while enabling secure operations across IT, Engineering, Operations, Legal, and customer-facing teams. It oversees vulnerability management, cloud security (GCP and AWS), identity and access management, application security, incident response, and third-party risk, ensuring security is embedded into technology decisions and business initiatives. The position also maintains focused support for government-related compliance activities, such as NIST-based requirements and limited ATO documentation, representing a smaller but important portion of the role. Overall, the Senior Manager provides cross-functional leadership to strengthen Granite's security posture, reduce risk, and support the organization's operational and strategic goals.

Duties and Responsibilities:
- Oversee and manage Granite's enterprise-wide Information Security Program, ensuring protection of corporate systems, data, applications, cloud environments, and business operations across all departments (IT, Engineering, Legal, Ops, Customer-facing teams).
- Lead the development, implementation, and continuous improvement of corporate security policies, standards, procedures, and supporting governance documents.
- Direct vulnerability management activities across infrastructure, cloud, and applications; coordinate remediation with engineering, DevOps, and operations teams; validate fixes through scanning and ongoing monitoring.
- Oversee cloud security for GCP and AWS, ensuring secure configuration, access control, and alignment with best practices.
- Drive secure architecture reviews, application security requirements, and SDLC security integration for internal products.
- Partner with Engineering, Infrastructure, DevOps, and Network teams to evaluate system changes, cloud migrations, firewall updates, and new deployments to ensure security requirements and risk mitigations are properly addressed.
- Lead incident response activities: coordinate triage, communicate with stakeholders, review root causes, and ensure corrective actions and preventative measures are implemented.
- Manage enterprise identity and secrets programs, including MFA requirements, SSO implementation, service account lifecycle, least privilege enforcement, and secure credential rotation.
- Guide third-party risk management, review vendor documentation, determine required evidence levels, and assess security impact of new or ongoing vendors.
- Provide security guidance and support for business processes, system enhancements, corporate initiatives, new integrations, and technology transformations across the organization.
- Lead recurring enterprise security meetings to align IT, Engineering, Legal, Audit, and business leaders on priorities, risks, and remediation activities.
- Ensure proper data handling practices across the business, including the identification and removal of sensitive or regulated data from email, local drives, Teams, and other systems.
- Support corporate continuity and resilience activities, including business impact analysis, response planning, and readiness validation.
- Provide accurate, timely responses to security questionnaires, proposals, and customer inquiries across business units; contribute security content for RFPs, audits, and partner assessments.
- Maintain compliance for federal BSS/GBSS systems under NIST SP 800-53 / 800-171 and GSA requirements; update SSPs; and support ATO assessments as needed.
- Provide federal agencies (e.g., GSA, DARPA) with required security documentation, system diagrams, and responses when requested.
- Perform other duties as required.
- Obtain/retain a government security clearance as may be required to perform the duties of the position.
Required Qualifications:
- Bachelor's degree in Computer Science, Information Systems, Information Assurance, or equivalent experience.
- Eligibility to obtain and maintain Public Trust (Tier 2) or other federal security clearances.
- Hands-on experience implementing NIST SP 800-53, NIST SP 800-171, SOC 2, PCI-DSS, RMF, and FISMA Moderate controls in enterprise environments.
- Demonstrated experience with SSP writing, ATO packages, security assessments, and continuous monitoring activities.
- Experience with cloud security in Google Cloud Platform (GCP) and Amazon Web Services (AWS).
- Familiarity with application security best practices (OWASP, SDLC integration, SAST/DAST scanning workflows).
- Ability to interpret and communicate security requirements to engineering, legal, and operations teams.
- Experience supporting vendor risk reviews, questionnaire responses, and assessment of third-party security materials.
- Experience with security controls in a converged infrastructure/virtual machine environment.
- Experience developing information system security plans, policies, and procedures for Local Area Network (LAN) information systems and wide area network (WAN) information systems.
- Strong cross-team leadership, communication, and documentation skills.