Cyber Security Manager - Job# 1115
Cybersecurity Strategy & Program Leadership
Lead and evolve the enterprise cybersecurity program aligned with business goals and risk tolerance.
Develop and manage a multi-year cybersecurity roadmap with measurable outcomes.
Report cybersecurity posture, risks, and maturity to executive leadership.
Establish KPIs/KRIs to track program effectiveness.
Governance, Risk & Compliance (GRC)
Own and maintain the Information Security Management System (ISMS) aligned with ISO 27001.
Lead ISO 27001 certification readiness, audits, and continuous improvement.
Oversee HITRUST and HIPAA compliance, ensuring audit readiness and control effectiveness.
Conduct enterprise risk assessments and manage remediation lifecycle.
Develop and enforce security policies, standards, and procedures.
Security Architecture & Microsoft Security Ecosystem
Drive improvements in Microsoft Secure Score and security posture.
Oversee security across: Identity (Entra ID / Azure AD), Endpoint (Defender), Email & Collaboration (M365 Security), Cloud Security (Azure Security), and Microsoft Purview for data protection, DLP, and compliance.
Security Operations & Incident Management
Provide oversight for: Vulnerability management, Threat detection and monitoring, Incident response and escalation, and Lead incident investigations and root cause analysis (RCA).
Ensure security is integrated into: System design, Change management, Infrastructure standards, and Vendor Risk & Audit Management.
Leadership & Organizational Enablement
Lead, mentor, and develop cybersecurity team members.
Drive security awareness and training programs across the organization.
Support budgeting, vendor selection, and strategic investments.
Foster a culture of security accountability.
Employment Standards
Executive-level communication and stakeholder engagement
Strategic thinking and risk-based decision making
Deep understanding of regulatory environments (HIPAA, HITRUST, ISO)
Strong leadership and cross-functional collaboration
Ability to translate technical risk into business impact
Education & Experience
- Bachelor’s degree in IT, Computer Science, or related field
- 7+ years in cybersecurity, risk, or information security (healthcare preferred)
- 4+ years of leadership experience managing teams and programs
- 5+ years of hands-on HIPAA compliance experience
PREFERRED CERTIFICATIONS
- CISSP
- CISM
- CRISC
- HCISPP
- Microsoft Azure / Security certifications
Essential Requirements
- A valid California Driver's License and transportation, or acceptable substitute, may be required based on assigned duties.
Professional Development Opportunities & Growth
- Variety of career paths for entry-level management positions for those seeking leadership opportunities in the social services field.
Diversity, Equity, and Inclusion
- At NLACRC, we value and celebrate diversity!
- In September 2021, NLACRC launched an initiative to enhance and strengthen our commitment to diversity and belonging.
Compensation
Annual Salary Range: $133,000.14 - $168,000.00.