Manager – Cybersecurity & Risk

This is a fully remote position, open to applicants in United States.

📋 Description

• Act as the primary cybersecurity authority responsible for overseeing cybersecurity operations and risk management across various domains including infrastructure, endpoints, identity, cloud, applications, data, and third-party environments.

• Collaborate closely with Infrastructure & Operations to enhance endpoint security, vulnerability management, patching, identity and access management, as well as logging, monitoring, and incident detection and response capabilities.

• Offer technical cybersecurity leadership across Microsoft, cloud, SaaS, and enterprise platforms to bolster the overall security posture.

• Work in partnership with enterprise application teams to ensure secure architecture, integrations, and data practices across core business platforms, specifically those involving Microsoft technologies and enterprise applications.

• Guide the coordination of cybersecurity incident responses, including tabletop exercises, root cause analysis, and remediation planning.

• Assess emerging threats and propose practical, risk-based mitigation strategies that align with business priorities.

• Monitor and evaluate the cybersecurity posture across both internal and third-party environments.

• Assist in defining and enhancing enterprise cybersecurity capabilities, operational processes, and governance suitable for a growing organization.

• Develop and uphold cybersecurity policies, standards, procedures, and best practices.

• Create and maintain a practical cybersecurity roadmap aimed at risk reduction, resiliency, and operational efficiency.

• Set up cybersecurity metrics, scorecards, and reporting mechanisms for IT leadership and executive stakeholders.

• Perform risk assessments and collaborate with teams to prioritize remediation efforts.

• Support initiatives focused on security awareness and training.

• Assist in enterprise cybersecurity governance practices, including access controls, vendor risk management, data protection, and security awareness.

• Collaborate with stakeholders on cybersecurity-related audits, customer questionnaires, cyber insurance requirements, and compliance activities.

• Aid in the improvement of incident response, disaster recovery, and business continuity capabilities.

• Establish pragmatic, scalable controls suitable for a fast-paced, growth-oriented organization.

• Promote accountability, service quality, and measurable outcomes across third-party service providers.

• Evaluate cybersecurity tools and suggest solutions that align with business requirements and the organization's maturity.

• Develop a robust cybersecurity operational foundation and enhance organizational resilience through practical controls and risk mitigation.

⛳️ Requirements

• A minimum of 7 years of progressive cybersecurity experience with increasing levels of responsibility.

• Proven experience as a senior cybersecurity individual contributor or technical leader within a mid-sized enterprise environment.

• Strong technical knowledge across IAM, EDR, vulnerability management, SIEM, Microsoft Security, Azure security, infrastructure/network security, incident response, and security architecture.

• Experience in developing cybersecurity policies, standards, and procedures.

• Proven experience managing third-party cybersecurity vendors and managed service providers.

• Excellent communication skills with the ability to articulate technical risks in a way that is accessible to non-technical stakeholders.

• Background in private equity-backed, multi-site, field-service, or distributed operations environments.

• Experience supporting geographically dispersed or branch-based organizations.

• Familiarity with Microsoft technologies including Azure, Microsoft 365, Defender, Intune, and Entra ID.

• Relevant certifications such as CISSP, CISM, Security+, Azure Security Engineer, or similar qualifications.

🏝️ Benefits

• Comprehensive healthcare benefits including medical, dental, and vision coverage.

• Generous paid time off policy including vacation, sick leave, and holidays.

• Opportunities for professional development and continuous learning.

• Flexible working hours and options for remote work.

• A collaborative and inclusive work environment that values diversity.