Cybersecurity Manager

Summary

As the Cybersecurity Service Delivery Manager, you will oversee a team of Cybersecurity Analysts, engineers, and vendors, guiding them in monitoring security events, detecting threats, and conducting vulnerability assessments. You will be responsible for incident response, managing security incidents, and ensuring timely resolution and mitigation. Additionally, you will play a key role in developing and implementing security policies, procedures, and best practices to uphold industry standards and regulatory requirements. Your responsibilities will also include leading security awareness and training programs, collaborating with cross-functional teams, and driving continuous improvement in cybersecurity service delivery.

Minimum Qualifications

• 3+ years of experience as an Information Security Analyst, Systems Administrator, Network Administrator, or similar role

• Advanced experience with enterprise security solutions (ex EDR/XDR, SIEM, vulnerability management, pen testing)

• Advanced security solution engineering skills

• Advanced knowledge of security incident handling

• Advanced Network security knowledge

• At least 3 years of experience working in a multi office or branch environment or large campus with multiple buildings.

• At least 3 years of experience within a structured Service Desk Framework

• Intimate knowledge of the OSI model

Knowledge, Skills, and Abilities

• Demonstrated knowledge of cybersecurity frameworks (ex NIST, SOC2, ISO 27001 and ISO 27002)

• Ability to develop cybersecurity processes, standards, and procedures to ensure alignment across the organization.

• Ability to remain up to date on the constantly evolving threat landscape.

• Ability to perform IT risk assessments.

• Understanding of Zero Trust architecture

• Understanding of Identity and Access Management

• Demonstrated experience with cybersecurity implementations.

• Experience securing IaaS workloads.

• Demonstrated knowledge and experience managing and working with:

• MS 365 products and services, including Exchange Online.

• Networking, WAN/LAN, TCP/IP, VPN, SDWAN

• Routers, firewalls, and other network devices

• Windows 2012R2 Remote Desktop Services Environment or higher

• Microsoft Windows Server 2012R2 and above

• Microsoft Active Directory, Managing GPOs, and DNS

• Enterprise Antivirus and Endpoint Detection and Response systems

• Supporting Windows 10 and 11 Professional

• Scripting and automation

• Azure environments, to include VMs, Azure networking and security, Azure AD, monitoring.

• Excellent troubleshooting and documentation skills

• Ability to work as part of a team and provide exceptional service to our internal customers.

• Strong organizational skills and ability to manage multiple deliverables at one time.

• Follow-through and persistence are essential.

• Relevant security certifications preferred (ex Security+, CISSP)

Essential Functions

Team Leadership and Management: Provide leadership, guidance, and mentorship to the Cybersecurity Analyst team, fostering a culture of collaboration, excellence, and continuous improvement.

Set clear goals, objectives, and performance expectations for the team and individuals, and ensure accountability for delivering results.

Service Delivery Oversight: Oversee the delivery of cybersecurity services, ensuring that service levels, quality standards, and performance metrics are met or exceeded. Develop and implement service delivery strategies, processes, and workflows to optimize efficiency and effectiveness.

Incident Response Management: Lead incident response efforts in coordination with the Cybersecurity Analysts and other stakeholders, ensuring timely detection, containment, and resolution of security incidents. Establish incident response protocols, procedures, and escalation pathways to streamline response efforts and minimize impact.

Security Operations Management: Manage security operations activities, including security monitoring, threat detection, vulnerability assessments, and patch management, to proactively identify and mitigate security risks.

Ensure that security tools, technologies, and processes are effectively deployed, configured, and maintained to support operational requirements.

Stakeholder Communication and Reporting:

Serve as the primary point of contact for communicating with stakeholders, management, and executive leadership regarding cybersecurity incidents, threats, and risk posture. Prepare and present regular reports, dashboards, and metrics on cybersecurity service delivery performance, incident response activities, and risk management efforts.

Policy and Compliance Management: Ensure compliance with cybersecurity policies, standards, and regulatory requirements, collaborating with internal compliance teams and external auditors as needed.

Review, update, and enforce security policies, procedures, and best practices to align with evolving threats and industry trends.

Training and Development:

Identify training needs and opportunities for skills development within the Cybersecurity Analyst team, and support their professional growth and advancement. Facilitate cybersecurity training and awareness programs for employees to enhance their understanding of security risks and promote a security-conscious culture.

Vendor and Partner Management: Manage relationships with cybersecurity vendors, service providers, and external partners, ensuring effective collaboration and delivery of contracted services. Evaluate and select vendors and partners based on their capabilities, performance, and alignment with organizational objectives.

Continuous Improvement and Innovation: Drive continuous improvement initiatives to enhance the effectiveness, efficiency, and maturity of cybersecurity service delivery processes and capabilities.

Stay abreast of emerging technologies, trends, and best practices in cybersecurity, and assess their applicability to the organization's security posture and objectives.

Risk Management and Strategic Planning: Identify and assess cybersecurity risks, threats, and vulnerabilities, and develop risk mitigation strategies and action plans in alignment with organizational risk tolerance and strategic priorities. Contribute to the development of cybersecurity strategies, roadmaps, and investment plans to support the organization's long-term security objectives.

Cybersecurity Analyst Responsibilities: The Cybersecurity Service Delivery Manager will also actively engage in the duties and responsibilities of a Cybersecurity Analyst on a frequent basis, ensuring a hands-on approach to understanding operational challenges, providing guidance, and maintaining proficiency in security monitoring, incident response, threat analysis, and other technical tasks.

Work Environment

This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, and filing cabinets. Other conditions may include proximity to forklifts or other heavy machinery and using various tools and hardware. Hybrid work schedule will be considered for the right candidate.

Physical Demands

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is regularly required to talk or hear. The employee frequently is required to stand; walk; use hand to finger, handle or feel; and reach with hands and arms.

EOE Minorities/Females/Disability/Veterans; VEVRAA Federal Contractor