Cybersecurity Manager
Cybersecurity Program Management
Develop, implement, and maintain enterprisewide cybersecurity policies, standards, and procedures.
Oversee risk assessments and vulnerability management programs.
Monitor and report on cybersecurity performance metrics and compliance status.
Maintain relationships with relevant product and engineering teams, providing expert advice and guidance on cybersecurity topics.
Regulatory & Standards Compliance
Ensure adherence and monitoring of processes related to NERC CIP standards and other applicable regulations as required by customer contracts.
Prepare for and lead internal and external audits related to cybersecurity compliance.
Maintain documentation and evidence for compliance reporting.
Manage the organization’s ISO 27001 and SOC2 certifications, including ownership of the audit processes, non-conformance follow ups, and policy updates to ensure compliance.
Customer Contract Review
Review and interpret cybersecurity requirements in customer contracts.
Collaborate with legal and commercial teams to ensure contractual obligations are met.
Incident Response & Risk Management
Develop and maintain incident response plans.
Lead investigations and remediation efforts for security incidents.
Conduct root cause analysis and implement preventive measures.
Training & Awareness
Design and deliver cybersecurity awareness programs for employees.
Design and execute tabletop exercises to test policies and procedures.
Provide specialized training for teams handling critical infrastructure.
Continuous Improvement
Identify emerging threats and recommend proactive security measures.
Evaluate and implement new technologies and leading practices to strengthen security posture.
Collaboration & Leadership
Work closely with IT, Operations, Product, Engineering, Legal and Compliance teams to align cybersecurity initiatives with business objectives.
Manage relationships with external vendors and service providers.