We are seeking an experienced Cybersecurity Manager to lead our cybersecurity efforts, focusing on Governance, Risk, and Compliance (GRC) and ISO standards. This role is ideal for a hands-on leader who can take full ownership of the team and ISMS (Information Security Management System) while driving security initiatives in alignment with business objectives.
The Cybersecurity Manager will work closely with external consultants, ensuring compliance, optimizing security policies, and implementing best practices. This individual will play a critical role in defining what "good" looks like in cybersecurity, leading security strategy, and enhancing our organization's overall security posture.
Responsibilities
Leadership & Strategy
- Own and manage the cybersecurity team and oversee security operations, compliance, and risk management.
- Develop, implement, and maintain the Information Security Management System (ISMS), ensuring adherence to ISO 27001 and other relevant frameworks.
- Define cybersecurity best practices and work with external consultants to align security initiatives with business objectives.
- Lead GRC initiatives, including risk assessments, compliance audits, and security frameworks.
- Collaborate with IT leadership to integrate cybersecurity within the broader IT strategy.
Security Operations & Compliance
- Develop and enforce cybersecurity policies, procedures, and controls to maintain compliance with regulatory requirements and industry standards.
- Oversee incident response, risk assessments, and vulnerability management programs.
- Ensure compliance with ISO 27001, NIST, and other security frameworks, implementing necessary changes to improve security posture.
- Manage security tools and technologies, including firewalls, endpoint protection, and SIEM solutions.
- Conduct security audits, risk assessments, and penetration tests, addressing findings with remediation plans.
Team & Stakeholder Management
- Provide leadership, mentoring, and guidance to the cybersecurity team.
- Collaborate with internal and external stakeholders, including auditors, vendors, and consultants, to maintain compliance and improve security posture.
- Train and educate employees on cybersecurity awareness and best practices.
Continuous Improvement & Innovation
- Monitor emerging cyber threats and industry trends, adapting security measures accordingly.
- Recommend and implement new security technologies and solutions to enhance protection and compliance.
- Optimize security operations to improve efficiency, scalability, and resilience.
Requirements:
- 5+ years of experience in cybersecurity, with at least 1 year in a leadership or architecture role.
- Strong experience in GRC, ISO 27001 compliance, and risk management.
- Knowledge of security frameworks such as NIST, CIS, and SOC 2.
- Experience working with external security consultants and managing compliance audits.
- Hands-on experience with firewalls, endpoint security, SIEM tools, and cloud security solutions.
- Strong understanding of network security, identity & access management, and incident response.
- Familiarity with Microsoft security tools (Azure, O365, Defender, etc.).
- Certifications such as CISSP, CISM, or ISO 27001 Lead Implementer are highly preferred.
Preferred:
- Experience managing ISMS and ISO certification processes.
- Strong knowledge of TCP/IP, network protocols, and cloud security principles.
- Ability to manage multiple priorities in a fast-paced, high-stakes environment.
- Excellent leadership, communication, and stakeholder management skills.
Physical Demands:
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to talk and hear. The employee frequently is required to stand, walk, climb stairs, sit, and use hands to finger, handle or feel. Specific vision abilities required by this job include close vision, distance vision, color vision, and ability to adjust focus. Must be able to lift up to 10 pounds.
Work Environment:
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The noise level in the work environment is usually moderate. The noise level may increase in certain areas of the Company locations.
About Osmose:
Osmose is the market-leading provider of critical resiliency, assessment, and restoration services for electric transmission, distribution, and telecommunications companies.
Benefits:
Come grow with us. Full-time employees enjoy a comprehensive benefits package that includes:
- Medical Insurance and Health Savings Account with company contribution
- Dental, Vision, Life Insurance, STD, LTD, Critical Illness Plan and more.
- 401(k) with excellent company match
- Paid time off