Senior Manager, Cyber Security

General Function / Summary:  

The Senior Manager, Cyber Security serves as the organization’s expert on cyber security protection, detection, response, and recovery. This leader manages a team that oversees the proper deployment, configuration, and functioning of firewalls, data protection controls, patching, encryption,  vulnerability scanning,  pen testing, cloud security, as well as identity and access management. This is also a strategic role that will be engaged in risk management and cyber risk mitigation. This leader is involved in evaluating vendor risk, examining vendor contracts or terms of service, helping different teams around the organization understand third-party risk and data privacy issues, and more. 

Essential Duties: 

• Lead a team that will monitor all operations and infrastructure, evaluating alerts and logs to ensure the organization’s digital security footprint is effective. 

• Monitor internal and external policy compliance to ensure that both your vendors and associates understand cyber security risk management policies and that they operate within that framework.  

• Monitor regulation compliance to ensure the organization follows CFPB and PCI compliance standards. 

• Embed the benefits of cyber security in the organization so associates champion efforts. 

• Oversee the security incident response program and ensure a well-defined and documented plan of action is followed if a security incident does occur. 

• Evaluate any new technology being introduced to the organization to ensure it meets all cyber security standards.   

• Develop KPIs and create monthly reporting to track the performance of security measures to protect information, network infrastructure, and computer systems. 

• Identify, define, and document system security requirements and recommend solutions to management. 

• Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data, and the company's reputation. 

• Manage third party IT Security vendor relationship. 

• Educate and train associates on information system security best practices. 

• Oversee the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action. 

• Liaise with external agencies, such as regulatory examiners and other advisory bodies, to ensure the organization maintains a strong security posture. 

• Maintain subject matter expertise to assist with security department’s law enforcement contacts and advise on insurance coverage levels related to cyber security threats. 

• Recommend and coordinate the implementation of technical controls to support and enforce defined security policies. 

• Lead security projects and direct other associates to ensure project milestones are met on time and within budget.  

• Execute people leader duties, such as performance management, timely completion of required training, ensure team metrics and associate career growth objectives are met. 

Minimum Education and Experience Required: 

• Bachelor’s degree in Computer Science, MIS, or equivalent experience 

• 7+ years of experience in IT Security roles 

• CISSP certification preferred  

• Experience managing a cyber security team 

• Experience developing, operating, and maintaining security systems 

• Knowledge of security systems including identity & access management, data loss prevention, firewalls, cloud security tools, and intrusion detection and notification systems 

• In-depth knowledge of security protocols and principles 

• Ability to handle multiple projects and tasks simultaneously and collaborate with all areas of the organization 

• Excellent written and verbal communication skills 

• Experience managing IT budget and vendors 

• Ability and willingness to consistently live and embrace our core values of accountable, inclusive, transparent, and focused 

​