Senior Manager, Cyber Security

The Senior Manager, Cyber Security is responsible for the daily execution and continuous improvement of cybersecurity across a decentralized, multi-business unit enterprise.

This is a highly hands-on role. The Senior Manager will directly oversee security monitoring, incident response, vulnerability management, and control enforcement while leading a small security team. This role is not purely strategic. The right candidate must be technically strong, comfortable reviewing alerts, validating configurations, assessing logs, and stepping into incidents when needed.

The environment requires operational stability today, with steady program strengthening over time. This role balances execution, discipline, and practical risk reduction.

Key Responsibilities

Daily Security Operations

• Oversee and actively participate in security monitoring, alert triage, and incident response.
• Review high-risk alerts and guide investigation and remediation efforts.
• Ensure timely patching and vulnerability remediation.
• Validate security configurations across endpoints, identity platforms, and network layers.
• Maintain visibility into threat landscape and emerging risks.

Vulnerability & Risk Management

• Own vulnerability scanning, prioritization, and remediation tracking.
• Conduct risk assessments across business units and document findings.
• Work directly with infrastructure and applications teams to resolve identified gaps.
• Track and report measurable risk reduction progress.

Security Architecture & Controls

• Support implementation of Zero Trust principles across identity, device, network, and application layers.
• Review access controls, MFA enforcement, and privileged account management.
• Provide hands-on review of new systems and integrations to ensure security alignment.
• Reduce technical debt related to legacy security controls.

Governance & Compliance

• Maintain and enforce cybersecurity policies and standards aligned with recognized frameworks such as NIST, ISO, SOX, and CMMC.
• Prepare documentation and evidence for audits.
• Ensure repeatable processes exist for access reviews, change tracking, and control validation.

Team Leadership

• Lead and develop a small cybersecurity team.
• Set clear operational expectations and accountability standards.
• Provide technical mentorship and direct oversight of daily work.
• Serve as escalation point for complex or sensitive incidents.

Vendor & Tool Management

• Oversee MSSPs and third-party security providers.
• Evaluate and recommend improvements to tooling and controls.
• Ensure vendors meet service expectations and response times.

Role Profile

This role is:

• Operational and execution focused
• Technically hands-on
• Accountable for daily cybersecurity performance
• Responsible for strengthening controls over time
• Senior enough to influence IT and business leadership

Qualifications

• 7–12+ years of cybersecurity experience
• Experience leading security operations in a mid-size or multi-entity environment
• Strong hands-on experience with SIEM, endpoint detection and response, vulnerability management platforms, identity security tools, and access control systems
• Working knowledge of Zero Trust concepts and practical implementation
• Familiarity with security frameworks such as NIST CSF, ISO 27001, SOX, or CMMC
• Experience managing detection, response, and remediation processes
• Ability to communicate clearly with both technical teams and business stakeholders
• Bachelor’s degree in Information Security, Computer Science, or related field required
• Certifications such as CISSP, CISM, Security+, or similar preferred