Under direction of the VP, IT Operations & Cybersecurity, the Cybersecurity Manager is responsible for responding to events and alerts generated by information security technologies, reported events and any activity, which is suggestive of a potential information security event. In addition, this role will be responsible for several system management related to the management of endpoints.
The Cybersecurity Manager is a hands-on technologist who is an expert in the use of technologies used in the investigation of information security events and has a high level of expertise in performing security event analysis and incident response. Works closely with other members of the team in ensuring that the information security posture of the company is maintained and takes a proactive approach in continually assessing the security of systems throughout their lifecycle, providing recommendations for enhancing security and adapting to new threats and vulnerabilities.
Duties and Responsibilities
- Identify security requirements, using methods that may include risk and business impact assessments.
- Implement a cybersecurity framework and follow regulatory compliance requirements.
- Coordinate vulnerability assessments, remediation, and the coordination of incident response testing and training.
- Define, deploy, and manage cybersecurity programs and metrics.
- Act as the primary individual responsible for incident detection and response activities.
- Assist in the coordination and completion of information security operations documentation, including security-related policies and procedures.
- Work with information security leadership to develop strategies and plans to enforce security requirements and address identified risks.
- Participate in application development and projects to assess security requirements and controls and to ensure that security controls are implemented.
- Research, evaluate and recommend information-security-related hardware and software, including developing business cases for security investments.
- Provide on-call support for end users for all in-place security solutions.
- Conduct staff security outreach and engagement.
- Bachelor’s degree in Information Systems, Computer Science, or equivalent work experience.
- Minimum of two years IT or network security experience.
- Familiar with network scanning and other security tools.
- Certifications a plus.
- Strong problem-solving, communications, and documentation skills.
- Able to estimate, plan, and organize tasks associated with the role with minimal assistance.
- Ability to effectively prioritize and execute tasks in a fast-paced environment.
- Ability to participate in on-call rotations.
- Ability to communicate in an understandable, polite, friendly manner, both written and verbal.
- Strong organizational skills and ability to multi-task.
- Reliable transportation.
Generally, works in an office environment, but may occasionally be required to perform job duties outside of the typical office setting.
- Interaction with people and technology while either standing or sitting.
- Must be able to communicate face-to-face and on the phone.
- Must be able to lift up to 50 pounds unassisted, climb stairs, and crawl beneath desks and in tight areas.
Note: The above statements are intended to describe the general nature and level of work being performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and/or skills required of all personnel so classified.