Information Security Manager Jobs in USA with Visa Sponsorship
Information Security Manager roles attract strong H-1B visa sponsorship from financial services, healthcare, and tech employers. Most require a bachelor's degree in computer science or cybersecurity, and relevant certifications like CISSP or CISM significantly strengthen your petition. For detailed occupation requirements, see the O*NET profile.
See All Information Security Manager JobsOverview
Showing 5 of 40+ Information Security Manager jobs
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
See all 40+ Information Security Manager jobs
Sign up for free to unlock all listings, filter by visa type, and get alerts for new Information Security Manager roles.
Get Access To All JobsAt Beyond Finance, we've made it our mission to help everyday Americans escape the endless cycle of crippling debt and step into a brighter financial future. Through compassionate, individualized care, a culture focused on compliance and ethics, supportive user-centric technology, and customized financial solutions, we've helped over 1 million clients on their path to a brighter future.
While we're proud of what we've already accomplished, we're searching for new collaborators to help us get to the next level! If you're looking to join a forward-thinking, rapidly growing organization with helping people as its number one goal, we want to hear from you.
The Role
As the Information Security Manager, you will lead our security operations function, the team responsible for monitoring the environment, triaging security signals across cloud and endpoints, running the company's Insider Risk program, and owning initial vulnerability triage. You have a demonstrated track record of relentlessly pursuing high security standards and holding your team accountable to them. You will manage analysts who serve as the first line of detection for the security organization, ensuring threats are identified, sized, and routed with the right context and urgency. Your primary objective is to build a disciplined, high-signal operations function that drives down dwell time and keeps the broader security team focused on the most impactful work.
Key Responsibilities
- Security Operations Ownership: Own the day-to-day function of the team — alert triage, signal prioritization, and escalation workflows. Ensure the team operates consistently and with a clear sense of urgency.
- SIEM & Detection Management: Own SIEM operations hands-on — including log source onboarding, pipeline configuration, parsing, detection coverage, rule tuning, and alert fidelity. Ensure the team is operationalizing threat intelligence and not just reacting to whatever fires first.
- Cloud & Endpoint Signal Triage: Oversee triage of security signals sourced from cloud infrastructure, endpoint detection, and network controls. Separate noise from meaningful findings and ensure high-fidelity signals reach the right team with full context.
- Incident Response Ownership: Own the incident response function end-to-end — from initial escalation through containment, cross-functional coordination, and post-incident review. Ensure findings drive detection improvements and close the loop with Security Engineering where remediation is required.
- Insider Risk Program: Lead the Insider Risk process end-to-end — from identifying coverage gaps across cloud and endpoint environments, to behavioral monitoring and DLP signal review, through investigation, escalation, and case closure.
- Vulnerability Triage: Own initial triage and prioritization of vulnerability findings. Size risk, assign severity, and route to Security Engineering with the context needed to make prioritization decisions.
- Team Leadership: Lead and develop a team of security analysts, managing performance and growth while building a culture of rigor and ownership.
- Cross-Functional Partnership: Act as a key interface between the security function and the broader business. Work directly with HR and Legal on Insider Risk cases that require cross-functional handling, and engage with business leadership to communicate risk, provide operational context, and ensure security decisions are grounded in business impact.
Skill Requirements
- 5+ years of hands-on experience in security operations, incident response, or a SOC environment
- Direct people management experience with analysts or security operations staff
- Technical depth in SIEM platforms — log ingestion, pipeline and parsing configuration, detection engineering, and alert tuning
- Demonstrated experience running or contributing to an Insider Risk or DLP investigation program, with the technical understanding to identify coverage gaps across cloud and endpoint environments
- Working knowledge of vulnerability triage and risk prioritization — CVSS, asset context, business impact
- Ability to triage and contextualize signals from cloud infrastructure and endpoint tooling
- Clear communicator who can size and convey risk across technical and non-technical audiences
Desirable Skills
- Experience with cloud-native security tooling and CSPM/CWPP signal interpretation
- Familiarity with phishing triage and email security investigation workflows
- Exposure to threat intelligence operationalization — consuming feeds and translating them into detection coverage
- Experience operating within a multi-team security model with defined handoff processes between operations, engineering, and GRC functions
The Ideal Candidate You run a tight operation and you're still technical enough to get your hands dirty. You've built or managed SOC workflows before and know the difference between a high-fidelity detection program and an alert noise machine. You take Insider Risk seriously — you understand the sensitivity, the cross-functional complexity, and the investigative discipline it requires, and you can look across a cloud and endpoint environment and identify where the coverage gaps actually are. You can stand up a log pipeline, tune a parser, and write a detection — and you can also walk a business leader through what a finding means and why it matters. You communicate clearly, move with urgency, and keep your team sharp on what actually matters.
Why Join Us?
While you make a difference for others, we'll work to make a difference for you, providing an uplifting, collaborative work environment and benefits that reflect your value to us. For eligible full-time employees, we offer:
- Considerable employer contributions for health, dental, and vision programs
- Generous PTO, paid holidays, and paid parental leave
- 401(k) matching program
- Merit advancement opportunities
- Career development & training
And finally, our team spirit and culture! We cultivate an environment of community, connection, and belonging across our entire organization.
Beyond Finance does not accept unsolicited resumes from individual recruiters or third-party recruiting agencies in response to job positions. No fee will be paid to their parties who submit unsolicited candidates directly to Beyond Finance employees or the Beyond Finance HR team. No placement fee will be paid to any third party unless such a request has been made by the Beyond HR team.
At Beyond Finance, we've made it our mission to help everyday Americans escape the endless cycle of crippling debt and step into a brighter financial future. Through compassionate, individualized care, a culture focused on compliance and ethics, supportive user-centric technology, and customized financial solutions, we've helped over 1 million clients on their path to a brighter future.
While we're proud of what we've already accomplished, we're searching for new collaborators to help us get to the next level! If you're looking to join a forward-thinking, rapidly growing organization with helping people as its number one goal, we want to hear from you.
The Role
As the Information Security Manager, you will lead our security operations function, the team responsible for monitoring the environment, triaging security signals across cloud and endpoints, running the company's Insider Risk program, and owning initial vulnerability triage. You have a demonstrated track record of relentlessly pursuing high security standards and holding your team accountable to them. You will manage analysts who serve as the first line of detection for the security organization, ensuring threats are identified, sized, and routed with the right context and urgency. Your primary objective is to build a disciplined, high-signal operations function that drives down dwell time and keeps the broader security team focused on the most impactful work.
Key Responsibilities
- Security Operations Ownership: Own the day-to-day function of the team — alert triage, signal prioritization, and escalation workflows. Ensure the team operates consistently and with a clear sense of urgency.
- SIEM & Detection Management: Own SIEM operations hands-on — including log source onboarding, pipeline configuration, parsing, detection coverage, rule tuning, and alert fidelity. Ensure the team is operationalizing threat intelligence and not just reacting to whatever fires first.
- Cloud & Endpoint Signal Triage: Oversee triage of security signals sourced from cloud infrastructure, endpoint detection, and network controls. Separate noise from meaningful findings and ensure high-fidelity signals reach the right team with full context.
- Incident Response Ownership: Own the incident response function end-to-end — from initial escalation through containment, cross-functional coordination, and post-incident review. Ensure findings drive detection improvements and close the loop with Security Engineering where remediation is required.
- Insider Risk Program: Lead the Insider Risk process end-to-end — from identifying coverage gaps across cloud and endpoint environments, to behavioral monitoring and DLP signal review, through investigation, escalation, and case closure.
- Vulnerability Triage: Own initial triage and prioritization of vulnerability findings. Size risk, assign severity, and route to Security Engineering with the context needed to make prioritization decisions.
- Team Leadership: Lead and develop a team of security analysts, managing performance and growth while building a culture of rigor and ownership.
- Cross-Functional Partnership: Act as a key interface between the security function and the broader business. Work directly with HR and Legal on Insider Risk cases that require cross-functional handling, and engage with business leadership to communicate risk, provide operational context, and ensure security decisions are grounded in business impact.
Skill Requirements
- 5+ years of hands-on experience in security operations, incident response, or a SOC environment
- Direct people management experience with analysts or security operations staff
- Technical depth in SIEM platforms — log ingestion, pipeline and parsing configuration, detection engineering, and alert tuning
- Demonstrated experience running or contributing to an Insider Risk or DLP investigation program, with the technical understanding to identify coverage gaps across cloud and endpoint environments
- Working knowledge of vulnerability triage and risk prioritization — CVSS, asset context, business impact
- Ability to triage and contextualize signals from cloud infrastructure and endpoint tooling
- Clear communicator who can size and convey risk across technical and non-technical audiences
Desirable Skills
- Experience with cloud-native security tooling and CSPM/CWPP signal interpretation
- Familiarity with phishing triage and email security investigation workflows
- Exposure to threat intelligence operationalization — consuming feeds and translating them into detection coverage
- Experience operating within a multi-team security model with defined handoff processes between operations, engineering, and GRC functions
The Ideal Candidate You run a tight operation and you're still technical enough to get your hands dirty. You've built or managed SOC workflows before and know the difference between a high-fidelity detection program and an alert noise machine. You take Insider Risk seriously — you understand the sensitivity, the cross-functional complexity, and the investigative discipline it requires, and you can look across a cloud and endpoint environment and identify where the coverage gaps actually are. You can stand up a log pipeline, tune a parser, and write a detection — and you can also walk a business leader through what a finding means and why it matters. You communicate clearly, move with urgency, and keep your team sharp on what actually matters.
Why Join Us?
While you make a difference for others, we'll work to make a difference for you, providing an uplifting, collaborative work environment and benefits that reflect your value to us. For eligible full-time employees, we offer:
- Considerable employer contributions for health, dental, and vision programs
- Generous PTO, paid holidays, and paid parental leave
- 401(k) matching program
- Merit advancement opportunities
- Career development & training
And finally, our team spirit and culture! We cultivate an environment of community, connection, and belonging across our entire organization.
Beyond Finance does not accept unsolicited resumes from individual recruiters or third-party recruiting agencies in response to job positions. No fee will be paid to their parties who submit unsolicited candidates directly to Beyond Finance employees or the Beyond Finance HR team. No placement fee will be paid to any third party unless such a request has been made by the Beyond HR team.
See all 40+ Information Security Manager jobs
Sign up for free to unlock all listings, filter by visa type, and get alerts for new Information Security Manager roles.
Get Access To All JobsTips for Finding Visa Sponsorship as an Information Security Manager
Lead with certifications on your resume
CISSP, CISM, and CISA certifications signal specialty occupation eligibility to both employers and USCIS. Petitions supported by industry credentials alongside a qualifying degree face fewer RFEs during adjudication.
Target regulated industries first
Banks, hospitals, and federal contractors face mandatory compliance frameworks like SOX, HIPAA, and FedRAMP. These organizations sponsor H-1B visas more consistently because security leadership is legally required, not discretionary.
Frame your degree field precisely
USCIS scrutinizes specialty occupation claims for management-adjacent roles. A degree in computer science, information systems, or cybersecurity maps more cleanly to this title than a general business or IT degree.
Document your technical scope, not just team size
Sponsorship petitions succeed when job duties demonstrate technical complexity. Highlight architecture decisions, incident response ownership, and security tool implementation rather than headcount or budget managed.
Ask about sponsorship before the final interview round
Many employers sponsor but don't advertise it. Raising sponsorship after an offer creates friction. Asking during a second-round conversation, once mutual interest is established, gives both sides time to align on process.
Use Migrate Mate to filter for verified sponsors
Not every posting that says 'visa sponsorship available' follows through. Migrate Mate surfaces employers with confirmed H-1B filing history for security roles, saving you from applying to companies that won't actually sponsor.
Information Security Manager jobs are hiring across the US. Find yours.
Find Information Security Manager JobsFrequently Asked Questions
Does Information Security Manager qualify as a specialty occupation for H-1B purposes?
Yes, but the petition needs to be drafted carefully. USCIS may question whether a management role requires a specific bachelor's degree. The strongest petitions document that the position demands theoretical and practical application of computer science, information security, or a directly related field, not just general business acumen. Roles with hands-on technical duties and a degree requirement written into the job description are approved more consistently.
Which visa categories are commonly used to sponsor Information Security Managers?
H-1B is the most common path for employer-sponsored security managers. Candidates with extraordinary achievement in cybersecurity, such as published research, national awards, or a record of leading high-profile breach responses, may qualify for O-1A. L-1A is an option for managers transferring from a foreign affiliate. Australian citizens can pursue the E-3, which has no lottery and renews indefinitely.
How do I find employers that actually sponsor H-1B visas for security manager roles?
Migrate Mate filters job listings by confirmed sponsorship history, so you're not guessing based on vague job description language. Look for employers in financial services, healthcare systems, defense contractors, and large technology companies. These sectors hire security managers at scale and have established immigration programs, meaning fewer delays and more experienced HR teams handling the petition process.
Does experience substitute for a degree when applying for H-1B sponsorship as a security manager?
USCIS allows three years of specialized experience to substitute for one year of a bachelor's degree, meaning 12 years of directly relevant experience can stand in for a four-year degree. In practice, approvals on experience-only petitions for management roles face higher RFE rates. Pairing substantial experience with an associate's degree or professional certifications like CISSP creates a stronger combined record than experience alone.
What is the H-1B approval rate for Information Security Manager roles?
USCIS doesn't publish approval rates by job title, but cybersecurity and IT management roles generally see approval rates above 85% when the petition clearly establishes specialty occupation. Denial risk increases when the job description includes duties that don't require a specific technical degree, or when the employer is classified as a staffing or consulting firm. Direct employer petitions with well-documented technical job duties perform significantly better.
What is the prevailing wage requirement for sponsored Information Security Manager jobs?
U.S. employers sponsoring a visa must pay at least the prevailing wage, which is what workers in the same role, area, and experience level typically earn. The Department of Labor sets this rate to make sure companies aren't hiring foreign workers simply because they'd accept lower pay than a U.S. worker. It varies by job title, location, and experience. You can look up current prevailing wage rates for any occupation and location using the OFLC Wage Search page.
See which Information Security Manager employers are hiring and sponsoring visas right now.
Search Information Security Manager Jobs