Information Security Manager
Job Description
Norfolk, VA
About Titan America
Titan America LLC (NYSE: TTAM), a TITAN Group Company, is one of the premier producers of cement and building materials in the eastern United States and the North American subsidiary of the TITAN Group. With a history spanning over 100 years, Titan America has consistently delivered innovation, operational excellence, and sustainable solutions. Our comprehensive portfolio—including cement, aggregates, fly ash, ready-mix concrete, and specialty admixtures—serves diverse customer needs across commercial, industrial, and infrastructure markets.
We have an excellent opportunity within our IT department at our Corporate Office in Norfolk, VA.
Role Overview
The Information Security Manager is responsible for leading and executing the organization’s information security program with a strong focus on regulatory compliance, risk management, governance, and strategic enablement of the business. This role serves as the primary owner and stakeholder for IT and Information Security compliance initiatives, including SOX, U.S. Coast Guard regulatory requirements, and enterprise security governance, while providing leadership across mergers and acquisitions, internal audit engagement, and enterprise security communications.
The position balances hands-on program management, strategic planning, and people leadership, ensuring security initiatives align with organizational objectives, regulatory obligations, and evolving threat landscapes.
Key Responsibilities
Security Governance, Risk, and Compliance
- Own and manage IT and Information Security compliance tools and platforms (e.g., AuditBoard), ensuring effective evidence collection, control mapping, issue tracking, and reporting.
- Act as the primary IT/Information Security SOX Compliance Owner and Stakeholder, partnering with Finance, Internal Audit, and external auditors to ensure timely and effective control execution.
- Lead U.S. Coast Guard (USCG) cybersecurity and regulatory compliance efforts, ensuring adherence to applicable maritime, industrial, and critical infrastructure security requirements.
- Develop, maintain, and oversee information security policies, standards, procedures, and guidelines to ensure regulatory compliance and alignment with industry best practices.
- Provide oversight and coordination for Information Security internal and external audits, including remediation planning, validation, and executive reporting.
Mergers, Acquisitions, and Enterprise Risk
- Lead Information Security due diligence for mergers, acquisitions, divestitures, and integrations.
- Assess cybersecurity risk posture of target organizations and define remediation and integration roadmaps.
- Partner with Legal, Finance, IT, and business leadership to ensure security risks are identified, communicated, and managed throughout transaction lifecycles.
Strategic Planning and Program Execution
- Define and execute the Information Security strategic roadmap aligned to business objectives, regulatory requirements, and enterprise risk tolerance.
- Translate security strategy into measurable initiatives, roadmaps, and key performance indicators (KPIs).
- Serve as a trusted advisor to business leaders, enabling secure business operations, innovation, and growth.
- Provide Information Security program management oversight, including initiative prioritization, resource planning, and progress reporting.
Enterprise Communication and Stakeholder Engagement
- Lead and coordinate security communications across Titan Group / Titan America, ensuring consistent messaging, risk awareness, and executive-level visibility.
- Prepare and deliver security updates, risk summaries, and compliance status reports to senior leadership and key stakeholders.
- Partner with IT, Legal, HR, Compliance, and Operations to embed security into enterprise processes and culture.
People Leadership and Professional Development
- Build, mentor, and develop a high-performing Information Security team.
- Drive professional growth through targeted training, career development planning, and succession planning.
- Encourage and support attainment and maintenance of professional certifications and continuous learning.
- Foster a culture of accountability, collaboration, and continuous improvement.
Training and Awareness
- Oversee Information Security professional training programs and enterprise security awareness initiatives.
- Ensure employees, contractors, and third parties understand security responsibilities, regulatory obligations, and risk management practices.
Qualifications
Required
- A Bachelor's degree in Information Security, Computer Science, Information Systems, or a closely related field, or equivalent relevant experience, is required.
- 7+ years of progressive experience in Information Security, IT Risk, or Compliance roles.
- Demonstrated experience managing SOX IT controls, audits, and regulatory compliance programs.
- Strong knowledge of security governance frameworks (e.g., NIST, ISO 27001, CIS, SOC).
- Experience with GRC platforms such as AuditBoard or similar tools.
- Proven ability to manage complex, cross-functional initiatives and executive stakeholders.
Preferred
- Experience supporting U.S. Coast Guard or maritime/industrial regulatory environments.
- M&A cybersecurity due diligence and post-merger integration experience.
- Prior people management and team leadership experience.
- Strong understanding of enterprise risk management and internal audit practices.
Professional Certifications (Preferred or Supported)
- CISM, CISSP, CRISC, CISA
- GIAC certifications
- PMP or other program/project management certifications
Key Competencies
- Strategic thinking and execution
- Regulatory and audit leadership
- Risk-based decision making
- Executive communication and influence
- Program and portfolio management
- Talent development and team leadership
Success Measures
- Effective and timely completion of SOX, USCG, and regulatory audits with minimal findings
- Maturity and adoption of security governance and compliance processes
- Successful integration of security into M&A activities
- Improved security posture and risk visibility across the enterprise
- Growth and retention of a highly skilled Information Security team
Join us in shaping the future of building materials with innovation, excellence, and sustainability at our core. Explore more about Titan America's transformative impact by visiting