Cybersecurity Manager

Dixon Hughes Goodman Charlotte , NC 28201

Posted 3 months ago


DHG ranks among the top 20 public accounting firms in the nation. With more than 2,000 professionals in 30+ offices located in 13 states, we combine extensive tax, assurance and advisory experience with a focus on relationships and personal service to help our clients achieve their goals. People, careers and flexibility are at the heart of DHG's culture making it a great place to build a valuable career.


The Cybersecurity Manager supervises multiple client engagement teams performing assessments, audits, and advisory consulting associated with cybersecurity governance, risk, and compliance. The DHG Cybersecurity Team's engagements vary considerably in size and complexity and require a combination of understanding of various technologies, cybersecurity compliance frameworks, and extensive client interaction. All of our IT Advisory services are designed for the dual purpose of strengthening internal controls and meeting compliance requirements.

IT advisory services focus on helping clients protect the security and integrity of their information by assessing the people, processes, and technology in place. Types of engagements for this role are likely to include PCI compliance assessments, cybersecurity risk and technical assessments, cyber policy procedure reviews, and Service and Organization Controls (SOC) 1, 2, 3, and SOC for Cyber reporting.

  • Execute assessments within the domains of: Security Policy, Security Governance, Access and Authentication Management, Threat and Vulnerability Management, Security Infrastructure and Architecture, Application Security Architecture, and Incident Response Management.

  • Oversee the performance of cybersecurity staff, leading assessment testing procedures, and reviewing team members' work product.

  • Analyze documentation, process information, technical configurations, or other client provided information and document the results of conversations and analysis.

  • Stay abreast of current and emerging security risks across multiple industries, including healthcare, financial, retail, insurance, and public sector.

  • Research new technologies, understand existing processes, and reference recognized standards and frameworks.

  • Clearly articulate the status and results of work performed, both orally and in written form, to internal management and DHG clients Interface with our project clients to identify and understand potential risk areas.

  • Contribute to the definition of final project scope, approach, and deliverables.

  • Develop other staff in assessment methodology, the understanding IT process and controls, and direct some staff activities.

  • Operate effectively and with minimal supervision, within a team or independently, performing special projects and related duties, as assigned.

  • Pursue continuous professional development through internal/external training, certifications and/or continuing education.

  • Identify opportunities for continuous improvement and enhancement to work programs and processes.



  • Minimum of 5 years of experience in the cybersecurity industry required, with 2-3 years of experience in cybersecurity governance, risk, and/or compliance audit and assessment preferred.

  • Bachelor's Degree in Cybersecurity, Computer Science, MIS, Information Security, or a related discipline required.

  • Strong IT Security knowledge required. Specifically, knowledge in one or more of the following areas: application security, network security, IT infrastructure, Windows and/or Linux system administration, database security.

  • Working experience and/or knowledge of web and mobile technology preferred

  • Experience with common security risk frameworks, including NIST 800-53 controls, the NIST Cybersecurity Framework, HIPAA, PCI, and CIS Critical Security Controls required.

  • Strong conceptual thinking aptitude required.

  • Strong interpersonal skills, including: written and verbal communications, willingness to assist in areas outside of direct assignments when necessary, and commitment to self-improvement and completion of team objectives required.

  • Professional certification (e.g., CISSP, CISM, CISA, SANS, etc.) is a plus. Willingness to work toward achieving professional cyber credentials is required.

  • Previous experience as a PCI Qualified Security Assessor and/or HITRUST Certified Assessor is a plus, but not required.

  • Previous consulting, internal audit, or compliance experience is a plus.

  • Ability to travel up to 60% annually, primarily in the southeastern United States, preferred. Typical travel in this role is 50 to 75% annually.

See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Cybersecurity Manager


Posted 1 week ago

VIEW JOBS 12/3/2018 12:00:00 AM 2019-03-03T00:00 At Barings, we are as invested in our associates as we are in our clients. We recognize those who work diligently for us and reward them for personal and professional integrity, communication skills, distinct competencies and expertise in specific strategies, ability to collaborate as a team member and true dedication to the interests of our clients. We thank you for your interest in joining the Barings team, and invite you to explore our current employment opportunities. Business Unit: Title: Cybersecurity Manager Department: Information Security Location: Charlotte, NC Barings is a $305+ billion* global asset management firm dedicated to meeting the evolving investment and capital needs of our clients. We build lasting partnerships that leverage our distinctive expertise across traditional and alternative asset classes to deliver innovative solutions and exceptional service. Part of MassMutual, Barings maintains a strong global presence with over 1,800 associates and offices in 16 countries. Learn more at 1as of March 31, 2018 Job Summary The Cybersecurity Manager will be managing a global team of cybersecurity engineers protecting the firm's information and information assets from insider and external threats. The manager will ensure security technologies are architected, deployed, maintained and supported and aligned to SLA/OLAs. He/she will be in charge of building out a security product/service catalog and roadmaps with alignment to the global information security strategy. He/she will be introducing new capabilities by leveraging advanced features in security technologies and/or reviewing vendor products to fill security gaps as the threat landscape changes. This role requires extensive expertise in problem-solving and a solid understanding of offensive security Tactics, Techniques, and Procedures (TTPs) while delivering cutting edge technologies. This position will be located in Charlotte, NC. Primary Responsibilities The role encompasses carrying out proof of concepts, installations, integrations and on-going management/maintenance of security tools and controls throughout the lifecycle. Understand product roadmaps and assist in prioritizing the deployment of new and advanced features in tools aligning to the global information security strategy. Facilitate the delivery and maintenance of accurate documentation, and develop process improvement tactics to reduce risk and satisfy regulatory responsibilities in accordance with Information Security directives. Assist with internal security monitoring, alerting, incident management and other 'business as usual' security tasks. Technical Management of Security Products and Services * Testing, installing, engineering, and configuring of security products to production status * Ongoing operational ownership of products to ensure processes and obligations are achieved * Maintain product lifecycle knowledge to provide resource and project scheduling * Assist in the product procurement lifecycle: testing, evaluation and selection criteria * Creation and maintenance of comprehensive documentation * Liaison with product vendors to resolve issues and develop capabilities * Engineer solutions to assist in product integration and enhancement of products to support the business * Development of effective risk\reward based operational SOPs to maximize ROI and reduce risk while efficiently supporting the business Technical Management of Projects * Lead technical information security projects * Ensure project activities are effectively managed and progress is reported in accordance with Barings Project Management standards * Liaise between Information Security and IT support teams Best Practices and Frameworks * Ensure alignment of products to information security policies, standards, and frameworks/best practices * Provide advice for the Information Security team, and others, to assist with the ongoing development and maintenance of Information Security frameworks and best practices Additional Task * Demonstrate a commitment to lifelong learning * Fulfill additional, relevant, tasks appropriate to the role and business demands * Strong troubleshooting and problem solving skills * Ability to work independently * Manage a project and escalation process from beginning to end Required Skills * Access Control (Authorization, Authentication, Accountability) * Encryption (data at rest and transit) * Vulnerability and Remediation * Security Automation and Orchestration (SAO) * Next Gen Firewalls * SIEM * Endpoint Detection and Response * Application Whitelisting * Password Management * IPS/IDS * Malware Prevention * Threat Intelligence * Mobile Security * Web, Application and Cloud Security * Wireless Security * Social Engineering Tactics * Offensive Security Methodology Technology Skill Sets Desired: * Python * Powershell Qualifications * Bachelors and/or Master's Degree in Information Systems, Computer Science, Information Security, Cybersecurity, Information Assurance (IT related) * Minimum 8 years' of technical and hands on experience as a cyber and information security * Minimum of 4 years' managing global security engineering teams * Ability to keep up with the threat landscape * Strong problem solving skills and thinking outside the box * Strong analytical and product management skills required * Excellent verbal and written communication skills and the ability to interact professionally with a diverse group including; executives, managers, IT personnel, and subject matter experts * Strong sense of urgency and desire to see solutions implemented expediently * Ability to communicate clearly and effectively within various levels of the organization Certifications (One or more of the following certifications should be current and up to date) * Technical certifications (required) * Security Plus (required) * CISSP (required) * CISM (required) * CEH (desired) * GCIH (desired) Barings is an Equal Employment Opportunity employer; Minority/Female/Age/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply. Barings Charlotte NC

Cybersecurity Manager

Dixon Hughes Goodman