
Senior Manager, Cybersecurity and IT Systems
Posted 1 hour ago

Posted 1 hour ago
This is a fully remote position, open to applicants in Pennsylvania.
• Define the overall vision for systems architecture and ensure that individual components are designed, procured, installed, and utilized effectively.
• Accountable for the organization’s compliance and adherence to architectural standards, guidelines, policies, frameworks, and reference models.
• Supervise all IT architecture components at the company level, including data architecture, application/software architecture, and technical architecture.
• Create a compliant protected information system (CUI) environment and develop a sustainable model for the future function of IT and Cybersecurity, including company structure and collaboration with external service providers.
• Manage incident remediation activities to ensure alignment with WGS policies and adhere to best practices in security and the nuclear industry.
• Guide the IT and Security teams through the Cybersecurity Maturation Model Certification and C3PAO assessment, which includes drafting and reviewing WGS procedures and verifying compliance with the WGS process.
• Supervise the Managed Service Provider (MSP) to guarantee that all company IT and cybersecurity needs are satisfied.
• Formulate a framework for conducting and overseeing IT risk assessments in accordance with established company risk management policies for projects and suppliers/vendors, ensuring compliance requirements are met.
• Identify, recruit, and develop Cybersecurity and IT personnel while addressing daily IT requests, including installations for WGS IT end-users.
• Oversee the framework development for conducting technical vulnerability and penetration assessments.
• Maintain Main Risk Indicators, including metrics for measuring risk and threats.
• Conduct or supervise self-inspections and audits on WGS protected systems at least once a year; document, track, and resolve corrective actions.
• Establish and manage the process for capturing, assessing, decision-making, and reporting risks throughout the IT organization, both internally and in coordination with Westinghouse protocols.
• Oversee the creation of the Security Controls Traceability Matrix (SCTM) to document the implementation of applicable NIST 800-53 and 800-171 controls.
• Collaborate with the Security Team, Program Management, and MSP to manage incidents, reportable events, and findings of non-compliance, ensuring proper reporting to relevant authorities and leadership.
• Bachelor’s degree or equivalent experience.
• Degree in Information Systems or a related technical field.
• Master’s Degree is preferred.
• Over 10 years of experience in information technology or systems, security, governance, risk and compliance, IT Audit, or related fields.
• Preferred credentials include CISA, CSAM, CISM, CGEIT, CRISC, CISSP, or other relevant information security qualifications.
• Proven experience in leading cybersecurity projects, including evaluating options and managing procurement/roll-out.
• Experience in establishing primary IT architecture standards, tools, best practices, and methodologies to align with our target state and facilitate architectural evolution and agreement across the organization.
• Proficiency in multiple technical information systems disciplines (e.g., Networking, Cloud Technology, Applications Development).
• Experience in designing solution roadmaps and system/software architecture in line with business strategies and architecture standards/processes.
• Experience in leading a team towards CMMC certification or guiding a team through cybersecurity compliance assessments and audits.
• Familiarity with cloud architecture, platform, and software as a service architecture and products.
• Knowledge of security and control frameworks such as ISO 27000, CobiT, NIST, COSO, NIST 800-171, and ITIL.
• US Citizenship is required, along with the ability to qualify for federal security clearance.
• Expected travel of 20%.
• Comprehensive medical benefits that may include medical, dental, vision, prescription coverage, and Health Savings Account (HSA) with employer contribution options.
• Wellness programs aimed at supporting employees in maintaining their health and well-being, including an Employee Assistance Program that offers support for employees and their household members.
• 401(k) plan with company match contributions to assist employees in their retirement planning.
• Paid vacations and company holidays.
• Opportunities for flexible work arrangements to encourage work-life balance.
• Educational reimbursement and extensive career programs to facilitate employee growth in their careers.
• Global recognition and service programs to honor employee achievements and service.
• Employee referral program.
CrowdStrike
ESA - Electronic Security Association
DKB Code Factory GmbH
Aledade, Inc.
Get handpicked remote jobs straight to your inbox weekly.