Manager, Cyber Security

The Manager, Cyber Security is responsible for designing, leading, and implementing robust cybersecurity strategies that protect the organization's digital assets, systems, and sensitive information from evolving threats.

Requirements

• Lead, supervise, and mentor a team of cybersecurity analysts and engineers.
• Design a multi-year cybersecurity strategy that aligns with organizational goals and technological advancements.
• Develop, implement, and maintain security policies, standards, and guidelines.
• Regularly review and update policies to stay ahead of emerging threats and regulatory requirements.
• Create and manage the cybersecurity budget, ensuring investments are aligned with organizational priorities.
• Identify opportunities to optimize costs while maintaining strong security standards.
• Lead periodic organization-wide risk assessments, vulnerability scans, and threat analyses.
• Create detailed risk profiles for business units, prioritizing risks based on likelihood and potential impact.
• Develop risk mitigation plans that integrate seamlessly into operational processes.
• Ensure implementation of controls for physical, cloud, and network infrastructures.
• Oversee security audits for vendors, contractors, and third-party partnerships.
• Establish criteria for vendor selection based on security posture.
• Ensure compliance with data protection laws, such as GDPR, HIPAA, or local equivalents.
• Ensure adherence to industry standards and regulations (e.g., NIST CSF, ISO 27001, SOX, PCI DSS).
• Establish and regularly update an Incident Response Plan (IRP) that addresses various scenarios, including ransomware, DDoS attacks, and data breaches.
• Lead cross-functional teams during incidents to minimize business disruption.
• Ensure detailed post-incident reports with root cause analyses and recommendations for improvement.
• Partner with IT and operations teams to integrate cybersecurity into disaster recovery and business continuity plans.
• Test and refine plans through simulations and tabletop exercises.
• Manage SOC activities, ensuring 24/7 monitoring, detection, and response capabilities.
• Evaluate and implement advanced technologies like AI-driven threat detection and zero-trust architectures.
• Oversee the deployment and maintenance of security technologies, including firewalls, IDS/IPS, EDR solutions, and SIEM platforms.
• Ensure robust security configurations across all systems, including cloud services, IoT devices, and mobile endpoints.
• Implement encryption, tokenization, and DLP (Data Loss Prevention) systems to safeguard sensitive data.
• Develop executive-level reports that track security metrics, risk scores, and incident trends.
• Create and lead cybersecurity awareness training programs for all employees.
• Measure effectiveness through phishing simulations and employee engagement metrics.
• Act as a key partner to IT, legal, compliance, HR, and other departments to ensure security is embedded across the organization.

Benefits

• Medical
• dental
• vision
• 401k
• flexible spending account
• paid sick leave
• paid time off
• parental leave
• quarterly performance bonus
• training
• career growth
• education reimbursement