Cybersecurity Program Manager

The Cybersecurity Program Manager (CPM) leads and coordinates complex security initiatives, overseeing strategy, implementation, and operations to protect digital assets from threats, ensuring compliance, conducting training, and developing incident response plans for various platforms, balancing technical expertise with strong leadership and communication skills. Reporting to the Director of Information Technology, the CPM works with the Information Technology department to ensure that systems and networks are always designed, developed, deployed, and managed with an emphasis on strong, effective security and risk management controls. The CPM leads the organization's vulnerability management program, manages the annual cybersecurity assessments and penetration tests, and research and reports on emerging threats, to help the organization take pre-emptive risk mitigation steps. The CPM effectively correlates and analyzes security events within the context of the organization’s environment to proactively detect threats and mitigate attacks before they occur. Essential Duties & Responsibilities: • Develop and implement overall cybersecurity strategies and roadmaps, aligning with business goals and regulatory requirements. • Provides technical expertise regarding security-related concepts to the Information Technology Department and the business. • Manage the lifecycle of multiple security projects, from planning and prioritization to delivery and monitoring, often spanning different departments. • Analyze threat intelligence, monitor networks for vulnerabilities, coordinate mitigation, and investigate security incidents. • Coordinate internal teams, external vendors, and contractors; provide cybersecurity awareness training to staff. • Develop and test incident response and mitigation plans, documenting breaches and assessing impact. • Assesses new security technologies to determine potential value for the enterprise. • Conducts vulnerability assessments of organization systems and networks. • Develop and maintain current company-wide best practices for IT security • Ensure proper documentation, processes, and procedures for systems under their purview. Requirements: • A four-year college degree or equivalent industry training and certifications. • Three to five years of experience in a security analyst or related position. • Strong understanding of IT systems, network security, vulnerability assessment, and security software. • Thorough understanding of Microsoft’s enterprise technology platform, including Azure, Active Directory, SQL, Microsoft 365, and the Windows server and desktop operating systems. • Understanding of firewalls, proxies, SIEM, antivirus and IDPS concepts • Strong writing skills, as well as the ability to articulate security-related concepts to a broad range of technical and non-technical staff • Demonstrated experience implementing and/or enforcing security and compliance frameworks such as NIST, CMMC, and ISO • Be a proficient problem-solver that can work autonomously Desired Qualifications: • One or more of the following certifications: CEH, CISM, CompTIA Security+, CISSP, GSEC. • Experience with managing and securing both on-premise and hosted systems and applications. • Experience with Redhat / Ubuntu Linux operating systems. • Experience with Tenable Security Center. Apply tot his job