Description

The Cyber Security Manager / Information Systems Security Manager (ISSM) is responsible for overseeing and managing the organization's cyber security program. The Cyber Security Manager will work closely with the organization's IT and management teams to implement and maintain security measures, detect and respond to security threats, and develop/maintain training to educate employees on safe computer usage practices.

Key Responsibilities:

• Develop and implement a comprehensive cyber security strategy that aligns with the organization's business objectives and meets regulatory requirements.

• Manage and lead the organization's cyber security team, including recruiting, training, and mentoring team members.

• Monitor the organization's computer systems and networks for security threats and respond to security incidents in a timely and effective manner.

• Implement and maintain security measures, such as firewalls, antivirus software, and encryption, to protect the organization's computer systems and networks.

• Educate employees on safe computer usage practices, including the use of strong passwords, avoiding phishing scams, and the importance of reporting security incidents.

• Conduct regular security audits to identify and evaluate the organization's security posture, and recommend improvements as needed.

• Stay current with emerging security threats, including new types of malware, phishing scams, and other attack methods.

• Collaborate with the IT team. Work closely with the organization's IT team to ensure that security measures are aligned with the organization's technology needs and are effective in protecting the organization's systems and data.

• Communicate security risks to management and make recommendations for reducing or mitigating these risks.

• Develop and maintain security policies and procedures to ensure the protection of the organization's systems and data.

• Develop or recommend yearly Cyber Security Awareness training for the organization. Provide reports to senior management on training participation and scoring.

• Detailed knowledge of National Institute of Standards and Technology (NIST) and Committee on National Security Systems (CNSS) cyber security requirements and guidance, cyber security related risk management techniques.

• Bachelor's degree in an IT related subject matter area from an accredited college or university and 7+ years of experience in an IT related position with at least 5 years being in an operational cyber security specific role (e.g., information system security manager, information system security officer, cyber security specialist) or have 10+ years of experience in an IT related position with at least 7 of those years in an operational cyber security specific role. Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) highly desired.

• 5+ years of experience in cyber security, with experience in managing and leading a cyber security team. US Military and DOE Cyber Security experience highly desired.

• Strong technical background, with a good understanding of computer systems, networks, and security technologies.

• Excellent analytical skills, with the ability to identify and evaluate security risks and threats.

• Strong problem-solving skills, with the ability to identify and resolve complex security issues.

• Excellent verbal and written communication skills, with the ability to communicate security risks and solutions to both technical and non-technical stakeholders. Extensive experience working with external audit teams is desired.

• Strong leadership and management skills, with the ability to motivate and lead a team.

• Relevant certifications, such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Penetration Tester (CPT), are highly desirable.

• Knowledge of relevant laws and regulations related to cyber security, including data privacy laws, and experience in ensuring compliance with these laws.