*Equal Opportunity Employer Veterans/Disabled*

SUMMARY:

The Manager of Cybersecurity and IT Governance is responsible for overseeing and coordinating the organization’s efforts to protect its information assets from cyber threats and ensure compliance with relevant laws and regulations. They are involved in planning, implementing, monitoring, and improving the cybersecurity policies, procedures, and systems. They also conduct risk assessments, audits, and investigations to identify and mitigate potential vulnerabilities and breaches. Additionally, they communicate and collaborate with various internal and external stakeholders, such as senior management, IT staff, vendors, customers, and regulators, to provide guidance, support, and reporting on cybersecurity and IT governance matters.

EDUCATION & EXPERIENCE:

• A bachelor’s degree in computer science, information technology, cybersecurity, or a related field; a master’s degree is preferred.
• Relevant certifications such as: Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), CompTIA Security+, Certified Information Security Manager (CISM), and/or Certified Information Systems Auditor (CISA)  
• At least five (5) years of demonstrated proficiency in various cybersecurity domains such as risk management, incident response, cloud security, cybersecurity data analysis, and policy development.
• At least five (5) years of GRC experience with methodologies, activities, tools and enablers in a highly regulated industry.
• Two to four (2-4) years of experience in business process analysis, project methodology, or systems development life cycle.
• Familiarity with regulatory and/or industry frameworks such as CIS18, NIST 800, CMMC 2.0 among others.

ESSENTIAL TASKS & RESPONSIBILITIES:

• Cybersecurity Engineering: Planning, implementing, managing, monitoring, and upgrading IT security measures for the protection of the organization’s data, systems, and networks. Troubleshooting security and network problems. Responding to all system and/or network security breaches.
• Cybersecurity Operations: Identifying, detecting, protecting against, responding to and recovering from unauthorized activities affecting the enterprise’s digital footprint. Managing operational cybersecurity activities.
• IT Governance, Risk, and Compliance: Working with IT and security teams to understand the scope of your cybersecurity framework and document its strengths and limitations. Outlining the types of cybersecurity threats that you’ve identified from a technical perspective and bringing a business perspective to itemize additional threats.

TECHNICAL & MANAGERIAL COMPETENCIES:

• Fundamental technological skills: The Manager should have a solid understanding of the basic concepts and principles of network configuration and management, firewall installation, programming, and administration of various operating systems.
• Programming: The Manager should be proficient in programming and scripting languages such as JavaScript, Python, or C#, which can help them write internal systems, prevent hackers from exploiting vulnerabilities, and automate tasks.
• Risk identification and management: The Manager should be able to assess the potential threats and risks to the organization’s information assets, as well as design and implement appropriate solutions to mitigate them.
• Data management and analysis: The Manager should be able to collect, store, process, and analyze data related to cybersecurity incidents, performance metrics, compliance audits, and best practices.
• Cloud implementation and security: The Manager should be familiar with the benefits and challenges of cloud computing, as well as the tools and techniques to secure cloud-based systems and data.
• Communication and leadership: The Manager should be able to communicate effectively with various stakeholders, such as senior executives, IT staff, vendors, customers, and regulators.

#LI-AS1