Security Manager

This is a fully remote position, open to applicants in United States.

📋 Description

• Lead, supervise, and mentor a team of cybersecurity analysts and engineers.

• Assign tasks, monitor performance, and ensure the team efficiently achieves its objectives.

• Promote a culture of continuous learning by offering training, certifications, and opportunities for knowledge sharing.

• Conduct performance evaluations and suggest career development plans for team members.

• Recruit, develop, and retain top-tier cybersecurity talent.

• Design a multi-year cybersecurity strategy that aligns with organizational goals and technological advancements.

• Establish measurable goals and KPIs to assess the success of the security program.

• Develop, implement, and maintain security policies, standards, and guidelines.

• Regularly review and update policies to remain ahead of emerging threats and regulatory requirements.

• Create and manage the cybersecurity budget, ensuring that investments align with organizational priorities.

• Lead periodic organization-wide risk assessments, vulnerability scans, and threat analyses.

• Generate detailed risk profiles for business units, prioritizing risks based on likelihood and potential impact.

• Oversee security audits for vendors, contractors, and third-party partnerships.

• Establish and routinely update an Incident Response Plan (IRP) that addresses various scenarios.

• Ensure 24/7 monitoring, detection, and response capabilities are in place.

• Develop executive-level reports that track security metrics, risk scores, and incident trends.

• Create and lead cybersecurity awareness training programs for all employees.

⛳️ Requirements

• High school diploma or GED.

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a closely related technical field.

• CISM, CISSP, CEH, or similar cybersecurity certifications.

• A minimum of seven (7) years of experience as a cybersecurity engineer, with at least two (2) years in a leadership role.

• Proven hands-on experience in securing IT infrastructures, performing vulnerability management, and managing incident response.

• At least five (5) years of experience in implementing or managing security frameworks such as NIST CSF, ISO 27001, or CIS benchmarks.

• Proficient in network security practices, including firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), and endpoint protection solutions.

• Experience with security operations tools such as SIEM platforms, vulnerability scanners, and penetration testing utilities.

• Practical knowledge of configuring and managing DNS, DHCP, and identity management tools (e.g., LDAP, Active Directory).

• Familiarity with system hardening guides, such as CIS Controls, DISA STIGs, or USGCB.

• Skilled in developing, documenting, and maintaining security policies, standards, and incident response plans.

• Demonstrated ability to conduct security audits, assess compliance, and recommend improvements.

• Ability to lead and mentor technical staff, fostering a culture of collaboration and continuous improvement.

• Experience with cloud security platforms (e.g., AWS, Azure, Google Cloud).

• Knowledge of emerging threats, threat intelligence, and advanced attack mitigation techniques.

• Familiarity with DevSecOps practices or the secure software development lifecycle (SDLC).

🏝️ Benefits

• Medical.

• Dental.

• Vision.

• 401k.

• Flexible spending account.

• Paid sick leave and paid time off.

• Parental leave.

• Quarterly performance bonus.

• Training.

• Career growth.

• Education reimbursement programs.