Remote - Senior Cyber Security Manager

We are looking for:

The Senior Cyber Security Manager will be responsible for overseeing the cyber security of all information systems, applications, and data of the organization and will also be responsible for the daily operations of the Security Operations Center (SOC). This role requires an individual with deep technical expertise in information security as well as the ability to manage and motivate a team of security professionals. The Senior Cyber Security Manager will collaborate with other leaders to define and implement security strategies, policies, and procedures, and ensure that they align with the organization's goals and objectives. The successful candidate will be a hands-on, results-driven leader who is able to navigate complex technical and business challenges.

The successful candidate will have a demonstrated ability to use professional oral and written communication along with strong analytical and critical thinking skills to successfully take ownership and design and drive solutions. Effective and collaborative interactions with colleagues, end users, IT leaders, and business stakeholders is critical to ensure success. The candidate should be an effective change advocate, possessing the ability to understand the impacts of technology transformation. The senior engineer should also have experience mentoring junior engineers, with hopes of contributing to their technical progression.

What will you be doing as a Senior Cyber Security Manager at SimSpace?

• Architect, design, implement, and maintain network security controls and countermeasures to ensure the highest level of security/integrity. Perform security system configuration and administration, system updates, policy compliance, and security assessments.
• Administer authentication and access controls, including provisioning, changes, and deprovisioning of user and system accounts, security/access roles, and access permissions to information assets.
• Work with senior management to develop and implement a long-term security strategy and develop a roadmap to ensure the clients information assets are protected.
• Security Integration: Work closely with development teams to incorporate security requirements into the platform's design and development processes. Collaborate with cross-functional teams to ensure that security is a fundamental aspect of all aspects of the platform.
• Vulnerability Management: Conduct regular tests and scans to identify network and system vulnerabilities. Develop and implement strategies to remediate vulnerabilities and enhance the overall security posture of the platform.
• Oversee the evaluation, selection and implementation of information security solutions that are innovative and cost-effective. This includes monitoring and maintaining security systems infrastructure, log management, security information and event management (SIEM) tools, and desktop/endpoint security solutions.
• Monitor the industry and external environment for emerging threats and advise management on appropriate courses of action.
• Respond to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; interact and coordinate with third-party incident responders, including law enforcement.
• Assess and manage security operations (SOC); provide continuous improvement in monitoring and reporting and managing security incidents.
• Ensure program resiliency and thought leadership by benchmarking the cybersecurity program and initiatives against industry trends and applicable security frameworks e.g., NIST while supporting enterprise compliance requirements (e.g., PCI, HIPAA, PII, CCPA, GDPR).
• Develop a culture that stays current on the latest cyber security trends, emerging technologies, threats, and incorporate appropriate safeguards / controls into the SimSpace Cybersecurity Program
• Develop, implement, and oversee enforcement of security policies, procedures and work plans based on industry best practices.
• Develop and implement proactive measures including periodic cybersecurity maturity assessments, threat hunting, penetration testing, and work with infrastructure and security teams to prioritize and remediate any issues identified.
• Develop and maintain incident response plans to ensure the organization is prepared to respond to security incidents in a timely and effective manner.
• Govern and execute third party and SaaS vendor risk assessments.
• Continuously improve cybersecurity awareness training and mock testing campaigns across the enterprise.
• Develop and drive approaches to secure DevOps and Cloud environments in an automated scalable manner and work with engineering to implement these approaches.
• Respond to security information requests for external audits, security questionnaires, or RFP/RFI’s.
• Develop an internal audit plan and ensure audit gaps are remediated in a timely manner.
• Be responsible for providing details of the cybersecurity program and status of initiatives for all Board and C-level presentations.

What are the qualifications to apply? To be successful as a Senior Cyber Security Manager, you need:

• A Bachelor’s degree in Information Technology, Computer Science, or a related field.
• A minimum of 10 years of experience in information security, with at least 5 years in a leadership role.
• A strong knowledge of network protocols and Firewalls.
• Experience with Intrusion detection and prevention systems.
• Experience with security information and event management (SIEM) software.
• Knowledge of Encryption and decryption techniques.
• Experience with identity and access management (IAM) systems.
• Expertise in information security principles, practices, and technologies, including security architecture, network security, identity and access management, threat intelligence, and security operations.
• Experience with modern web applications and securely scaling them with modern container architecture.
• Management experience leading teams, developing strategy, and executing plans.
• Knowledge of common information security management frameworks and certifications, such as ISO/IEC 27001, SOC2, as well as those from NIST, including 800-53, CMMC and Cybersecurity Framework.
• Professional security certifications such as CISSP, CISM, or CISA are highly desirable.
• Expert understanding of regulatory requirements, including GDPR, HIPAA, and PCI DSS.
• Strategic leader and builder of both vision and bridges, and able to energize the appropriate teams in the organization.
• Ability to lead and motivate the information security team to achieve tactical and strategic goals, even when only “dotted line” reporting lines exist.

We provide the following:

• Salary Range $140,000-$190,000
• Comprehensive benefits package that start on day one
• 401k match with immediate vesting
• Flex time, the time off you need when you need it
• Equity options at hire and potential for additional based on performance
• Generous employee referral bonus program
• Peloton Interactive Wellness Program