Canada's Challenger Bank™
Being a traditional bank just isn't our thing. We are big believers in innovating the banking experience because we believe Canadians deserve better options, and we challenge ourselves and our teams to creatively transform what's possible in banking. Our team is made up of inquisitive and agile minds that find smarter ways of doing things. If you're not afraid of taking on big challenges and redefining the future, you belong at EQB. You'll get to work with people who will encourage you to reach new heights. We like to keep things fun, ask questions and learn together. We're proud to be a certified Great Place to Work since 2020 for Professional Development, Financial Services and Best Workplace. Our EQ Bank platform has been named #1 Bank in Canada on the Forbes World's Best Banks 2021 and 2022! We foster an inclusive environment that makes it easy for people to be themselves and bring their personalities to work. We would love to tell you more about what it's like to work here.
Purpose of Job
The Information Security Risk Manager will work closely with the technology teams and line of business teams to mitigate the risk of security attacks while enabling the business to grow the bank and serve our customers efficiently and securely.
Main ActivitiesManage end-to-end vulnerability management process and reporting.Normalize vulnerabilities severity.Establish a scoring system for assets.Visualize vulnerabilities statistics per portfolio and/or product.Design and implement meaningful dashboards and reports.Manage security risks for assigned portfolio to ensure that action/mitigation plans are defined and actioned in-time.Escalate outstanding risks as required.Manage and maintain scanning tools.Update and mature security processes.
Knowledge/Skill RequirementsA college diploma or university degree is required. Higher accreditation (e.g. Bachelor of Computer Science) is preferred.At least five (5) years of information security and information risk experience. Experience of setting up and running scanning tools for IT infrastructure and/or applications security testing is required.Experience with application development Experience with cloud concepts Experience in reporting tools such as Power BI and/or Tableau is required Understanding of CI/CD pipeline and approaches to automate security testing is an asset The following certifications are preferred: CCSP, CCSK, CISM, CISSP, or CRISC.Understanding and experience with PCI DSS, MITRE ATT&CK, BSIMM, NIST, ISO 27K series is an asset.Experience working in a banking or financial services environment is an asset.
What EQ Bank offers:Named “Best Workplaces in Financial Services & Insurance 2021”An inclusive and collaborative working environment that encourages curiosity, creativity and innovation.An experience to work and learn from diverse industry leaders.A continuous improvement journey using the latest technologies.An opportunity for innovation, continuous learning and career progression.A competitive total benefit package that includes a base salary, a performance bonus, company matching programs, vacation, personal & sick days, maternity/paternity leave, medical, vision and dental benefits and much more.
This role will be Hybrid or Remote based on your preference
#LI-Hybrid
What we offer [For full-time permanent roles]
💰 Competitive discretionary bonus
✨ Market leading RRSP match program
🩺 Medical, dental, vision, life, and disability benefits
📝 Employee Share Purchase Plan
👶🏽 Maternity/Parental top-up while you care for your little one
🏝 Generous vacation policy, personal days and even a moving day
🖥 Virtual events to connect with your fellow colleagues
🎓 Annual professional development allowance and a comprehensive Career Development program
💛 A fulfilling opportunity to join one of the top FinTechs and help create a new kind of banking experience
Equitable Bank is deeply committed to inclusion. Our organization is stronger and our employees thrive when we honour and celebrate everyone's diverse experiences and perspectives. In tandem with that commitment, we support and encourage our staff to grow not just in their career path, but personally as well.
We commit to providing a barrier-free recruitment process and work environment for all applicants. Please let us know of any accommodations needed so that you can bring your best self to the application process and beyond. All candidates considered for hire must successfully pass a criminal background check and credit check to qualify for hire. While we appreciate your interest in applying, an Equitable recruiter will only contact leading candidates whose skills and qualifications closely match the requirements of the position.
We can't wait to get to know you!
Explore jobs
Find specific jobs
Explore careers
Explore professions
Best companies
Explore companies
How to hire an information security manager
Information security manager hiring summary. Here are some key points about hiring information security managers in the United States:
- There are currently 15,211 information security managers in the US, as well as 115,414 job openings.
- Information security managers are in the highest demand in New York, NY, with 19 current job openings.
- The median cost to hire an information security manager is $1,633.
- It takes between 36 and 42 days to fill the average role in the US.
- Human Resources use 15% of their expenses on recruitment on average.
- On average, it takes around 12 weeks for a new information security manager to become settled and show total productivity levels at work.
How to hire an information security manager, step by step
To hire an information security manager, consider the skills and experience you are looking for in a candidate, allocate a budget for the position, and post and promote the job opening to reach potential candidates. Follow these steps to hire an information security manager:
Here's a step-by-step information security manager hiring guide:
- Step 1: Identify your hiring needs
- Step 2: Create an ideal candidate profile
- Step 3: Make a budget
- Step 4: Write an information security manager job description
- Step 5: Post your job
- Step 6: Interview candidates
- Step 7: Send a job offer and onboard your new information security manager
- Step 8: Go through the hiring process checklist
What does an information security manager do?
An information security manager is primarily in charge of overseeing the security systems established to protect a company's data from hackers or cyber-attacks. Their responsibilities revolve around monitoring networks for any security breaches, designing and developing new security systems, and improving existing ones when necessary. They may also perform research and analysis to determine company needs, provide instructional materials, and produce progress reports. Furthermore, as an information security manager, it is essential to provide technical support to employees, all while adhering to the company's policies and regulations.
Post an information security manager job for free, promote it for a fee
Identify your hiring needs
Before you post your information security manager job, you should take the time to determine what type of worker your business needs. While certain jobs definitely require a full-time employee, it's sometimes better to find an information security manager for hire on a part-time basis or as a contractor.
Determine employee vs contractor statusIs the person you're thinking of hiring a US citizen or green card holder?You should also consider the ideal background you'd like them an information security manager to have before you start to hire. For example, what industry or field would you like them to have experience in, what level of seniority or education does the job require, and how much it'll cost to hire an information security manager that fits the bill.
Here's a comparison of information security manager salaries for various roles:
Type of Information Security Manager Description Hourly rate Information Security Manager Information security analysts plan and carry out security measures to protect an organization’s computer networks and systems. Their responsibilities are continually expanding as the number of cyberattacks increases. $43-84 Securities Consultant A securities consultant is responsible for maintaining the safety and security of the company's premises, including enforcing protection for all the employees and company assets. Securities consultants also handle the confidentiality and stability of data network systems to prevent potential breaches and unauthorized access to information... Show more $34-55 Securities Analyst Securities analysts, also known as financial analysts, are responsible for collecting and interpreting data on securities, economies, corporate strategies, and financial markets. They provide clients with recommendations on investments based on in-depth research... Show more $28-56 Create an ideal candidate profile
Common skills:- Risk Management
- NIST
- Infrastructure
- Governance
- Incident Response
- Risk Assessments
- Access Management
- ISO
- Vulnerability Management
- HIPAA
- Cloud Security
- Security Operations
- Application Security
- Windows
Responsibilities:- Develop goals and strategies to achieve company goals while improving upon current ITIL processes and procedures.
- Provide direct leadership with managing corporate HIPAA Privacy/Security compliance initiatives.
- Manage the administration of various encryption, authentication and public/private key management technologies and certificate/digital authority.
- Manage the conversion to a hybrid NAS/disk/tape CommVault base backup environment resulting in decreasing backup windows and improving recovery objectives.
- Conduct risk assessments and collaborate with leadership to provide recommendations regarding critical infrastructure and network security operations enhancements.
- Coordinate penetration testing, address vulnerabilities, and analyze NIST 800-82 and ISO 27001 standards/gap analysis for SCADA and business networks.
Make a budget
Including a salary range in the information security manager job description is a good way to get more applicants. An information security manager salary can be affected by several factors, such as the location of the job, the level of experience, education, certifications, and the employer's prestige.
For example, the average salary for an information security manager in Missouri may be lower than in California, and an entry-level engineer typically earns less than a senior-level information security manager. Additionally, an information security manager with lots of experience in the field may command a higher salary as a result.
Average information security manager salary
$126,447yearly
$60.79 hourly rateEntry-level information security manager salary$91,000 yearly salaryUpdated December 5, 2025Average information security manager salary by state
Rank State Avg. salary Hourly rate 1 California $158,053 $76 2 Washington $133,112 $64 3 Oregon $129,073 $62 4 New Jersey $128,290 $62 5 Texas $124,859 $60 6 Arizona $122,867 $59 7 Massachusetts $121,071 $58 8 North Carolina $120,610 $58 9 District of Columbia $118,200 $57 10 New York $116,478 $56 11 Minnesota $114,703 $55 12 Maine $112,371 $54 13 Illinois $111,306 $54 14 Michigan $111,161 $53 15 Utah $108,032 $52 16 Virginia $107,698 $52 17 Georgia $107,583 $52 18 Pennsylvania $107,456 $52 19 Ohio $106,535 $51 20 Colorado $105,658 $51 Average information security manager salary by company
Rank Company Average salary Hourly rate Job openings 1 eBay $160,903 $77.36 4 2 Apple $160,343 $77.09 37 3 PayPal $158,247 $76.08 15 4 The Walt Disney Company $158,129 $76.02 36 5 Thumbtack $156,445 $75.21 6 Mayo Clinic $155,752 $74.88 31 7 Rubrik $148,695 $71.49 13 8 DocuSign $147,898 $71.10 6 9 Gillette $144,612 $69.53 10 Adobe $143,129 $68.81 25 11 Cisco $142,638 $68.58 27 12 Real Estate Source, Inc. $142,023 $68.28 1 13 Intuit $141,958 $68.25 29 14 Scripps Health $141,296 $67.93 3 15 Sony Pictures $140,715 $67.65 9 16 Workday $139,772 $67.20 1 17 Texas Children's Hospital $138,159 $66.42 7 18 Motion Recruitment $136,751 $65.75 16 19 LinkedIn $136,352 $65.55 5 20 Varian Medical Systems $135,799 $65.29 Writing an information security manager job description
A job description for an information security manager role includes a summary of the job's main responsibilities, required skills, and preferred background experience. Including a salary range can also go a long way in attracting more candidates to apply, and showing the first name of the hiring manager can also make applicants more comfortable. As an example, here's an information security manager job description:
Information security manager job description example
Post your job
There are various strategies that you can use to find the right information security manager for your business:
- Consider promoting from within or recruiting from your existing workforce.
- Ask for referrals from friends, family members, and current employees.
- Attend job fairs at local colleges to find candidates who meet your education requirements.
- Use social media platforms like LinkedIn, Facebook, and Twitter to reach potential job candidates.
- Post your information security manager job on Zippia to find and attract quality information security manager candidates.
- Use niche websites such as dice, engineering.com, stack overflow, it job pro.
- Post a job on free websites.
Interview candidates
Your first interview with information security manager candidates should focus on their interest in the role and background experience. As the hiring process goes on, you can learn more about how they'd fit into the company culture in later rounds of interviews.
It's also good to ask about candidates' unique skills and talents. You can move on to the technical interview if a candidate is good enough for the next step.
While interviews are great, you will only sometimes learn enough from a conversation with an information security manager applicant. In those cases, having candidates complete a test project can go a long way in figuring out who's the most likely to succeed in the role. If you aren't a technical person and don't know how to design an appropriate test, you can ask someone else on the team to create it or take a look at these websites to get a few ideas:
- TestDome
- CodeSignal
- Testlify
- BarRaiser
- Coderbyte
The right interview questions can help you assess a candidate's hard skills, behavioral intelligence, and soft skills.
Send a job offer and onboard your new information security manager
Once you've decided on a perfect information security manager candidate, it's time to write an offer letter. In addition to salary, it should include benefits and perks available to the employee. Qualified candidates may be considered for other positions, so make sure your offer is competitive. Candidates may wish to negotiate. Once you've settled on the details, formalize your agreement with a contract.
You should also follow up with applicants who don't get the job with an email letting them know that you've filled the position.
After that, you can create an onboarding schedule for a new information security manager. Human Resources and the hiring manager should complete Employee Action Forms. Human Resources should also ensure that onboarding paperwork is completed, including I-9s, benefits enrollment, federal and state tax forms, etc., and that new employee files are created.
Go through the hiring process checklist
- Determine employee type (full-time, part-time, contractor, etc.)
- Submit a job requisition form to the HR department
- Define job responsibilities and requirements
- Establish budget and timeline
- Determine hiring decision makers for the role
- Write job description
- Post job on job boards, company website, etc.
- Promote the job internally
- Process applications through applicant tracking system
- Review resumes and cover letters
- Shortlist candidates for screening
- Hold phone/virtual interview screening with first round of candidates
- Conduct in-person interviews with top candidates from first round
- Score candidates based on weighted criteria (e.g., experience, education, background, cultural fit, skill set, etc.)
- Conduct background checks on top candidates
- Check references of top candidates
- Consult with HR and hiring decision makers on job offer specifics
- Extend offer to top candidate(s)
- Receive formal job offer acceptance and signed employment contract
- Inform other candidates that the position has been filled
- Set and communicate onboarding schedule to new hire(s)
- Complete new hire paperwork (i9, benefits enrollment, tax forms, etc.)
Sign up to download full list
How much does it cost to hire an information security manager?
Before you start to hire information security managers, it pays to consider both the one-off costs like recruitment, job promotion, and onboarding, as well as the ongoing costs of an employee's salary and benefits. While most companies that hire information security managers pay close attention to the initial cost of hiring, ongoing costs are much more significant in the long run.
You can expect to pay around $126,447 per year for an information security manager, as this is the median yearly salary nationally. This can vary depending on what state or city you're hiring in. If you're hiring for contract work or on a per-project basis, hourly rates for information security managers in the US typically range between $43 and $84 an hour.
Find better information security managers in less time
Post a job on Zippia and hire the best from over 7 million monthly job seekers.
Hiring information security managers FAQs
Search for information security manager jobs
Ready to start hiring?
Updated December 5, 2025