Overview Under general direction, theSenior Manager, Cybersecurity is responsible forinterfacing between the CISO's strategic and process-based activities and the work of the technology-focusedadministrators,analysts, engineers and architects of the cybersecurity and IT organizations.The Senior Manager, Cybersecurityworkswith the IT organization and business management to align priorities and plans with keycybersecuritybusinessobjectives. The Senior Manager, Cybersecurity will act as an empowered representative of the CISO during IT planning initiatives to ensure that security measures are incorporated into strategicbusinessplans and that service expectations are clearly defined.
Responsibilities - Workswith the CISO to develop a security program and security projects that address identified risks and business security requirements
- Helps define department strategicobjectivesand drives business outcomes in alignment to the organizational strategy.Workswith the CISO to develop budget projections based on short- and long-term goals andobjectives
- Monitorsand reportson compliance with security policies, as well as the enforcement of policies within the IT department.Coordinates,measuresand reports on the technical aspects of security management
- Proposeschanges to existing policies and procedures to ensure operating efficiency and regulatory compliance
- Manages outsourced vendors that provide information security functions for compliance with contracted service-level agreements.Worksas a liaison with vendors and the legal andpurchasingdepartments toestablishmutually acceptable contracts and service-level agreements
- Servesas an active and consistent participant in the information security governance process.Provides support and guidance for legal and regulatory compliance efforts, including audit support
- Workswith the CISO and IT and business stakeholders to define metrics and reporting strategies that effectively communicate successes and progress of the security program
- Manages security projects andprovideexpert guidance on security matters for other IT projects.Consultswith IT and security staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware,applicationsand software
- Designs,coordinatesand oversees security testing procedures to verify the security of systems,networksand applications, andmanagethe remediation of identified risks.Recommendsand coordinatesthe implementation of technical controls to support and enforce defined security policies
- Workswith the enterprise architecture team to ensure that there is a convergence of business, technical and security requirements; liaise with ITmanagement to align existing technical installed base and skills with future architectural requirements
- Developsa strong working relationship with the security engineering team to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements
- Leads,influencesand manages a team of resources to includeall aspects of performance management,conducting talent acquisition activities, coaching and/or mentoring, andidentifyingtraining requirements for associates
- Determinestheappropriate staffingmix of contractors and associates tomaintainsteady work and stay within budget.Creates, manages, and administers an annual departmental budget which may include billable hours and percentage targets
Qualifications Required Knowledge, Skills, and Abilities : - Strong leadership skills and the ability to work effectively with business managers, IT &Cybersecurityand IT staff.Provenability to interact withinternalpersonnel, build strong relationships at all levels and across all business units and organizations, and understand business imperatives
- Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, project and application development teams,managementand business personnel.Ability to present technical information to technical and nontechnical audiences using collaborative systems and presentation software
- In-depth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls; an excellent understanding of information security concepts, protocols, industry best practices and strategies
- Ability to develop andmaintainpolicies, procedures,standardsand guidelines.
- Demonstratesandmaintainscurrent knowledge of industry trends andtechnologies
- Ability togather, analyzeand interpret business drivers and developpractical securitysolutionsthat provide value to security and support the business
- Ability to work with customers to understand and respondto their information security needs and/or concerns, represent our security program and how the program protects the customers' data, and discuss the roadmap designed to continuously improve our security posture
- Ability to quickly learn and understand complex environments, independently reaching stretchgoals, and continually improveknowledge and capabilities
- Advanced technical computer skills asrequiredfor technical support specific to functional area and related systems
- Knowledge and ability to work inHITRUST, NIST and SOC
Experience: - 7years of experience in Information Security
- 4years of IT experience
- 2 years supervisory experience
- 3years of experienceimplementing and enforcing security directives, policies,publicationsand regulations
- 2years of experience conducting risk assessment work, IT auditing of compliance requirements, or framework gap analysis
- 2 years of experience working with HITRUST, NIST and SOC
Required Training , Certification and Education: - Bachelor's degree in computer science, information systems,Cybersecurity,engineering, business administration or a related field;or equivalent experience
Working Conditions: - Travel: None
- Work environment: Must be able to use equipment at workstation for up to 8 hours daily
- Location: Home office/remote - Based in Atlanta, Georgia required
- Must be able to sit and use equipment at workstation for up to 8 hours daily
- May require after hours work if a system outage and/or security incident occurs
- May work occasional weekends
Benefits Overview At NASCO, we trust our workforce to be fully remote,
working from their home . This benefit offers significant, personalized outcomes for each associate including work/life balance, savings on commuting, work clothing, and increased time to spend on personal activities.
Our full benefit package is designed to support the physical, mental, and financial health of our associates. We offer:
Physical and Mental Health Benefits - Choice of Blue Cross Blue Shield Medical, Dental, and Vision Plans
- Telehealthcare - for Medical and Behavioral visits
- Generous PTO with buy/sell options
- 9 Company holidays, a floating day off, and a day off for volunteering
- Employee Assistance Program
- Wellness program - earn insurance discounts or credit towards health-related items
Financial Health Benefits - 401K Plan with employer matching contributions
- Company-funded spending/reimbursement accounts to help with out-of-pocket medical expenses
- Bonus and Recognition programs
- Tuition Assistance
- Consultation with financial planner
- Basic Life & AD&D Insurance, Short and Long-Term Disability Insurance provided, and Supplemental Term Life Insurance is available
- Group Discount programs - mobile, technology services, etc., to help you save money
Other Benefits - E-Learning - Comprehensive and current library of e-learning and performance support assets, available on demand and at no cost
NASCO is an Equal Opportunity Employer/veterans/disability/race/color/religion/sex/sexual orientation/gender identity/national origin. Must have legal authority to work in the US.
We will not accept applicants that use AI when answering the screening questions. Applicants who use AI to answer any questions or to complete their application will not be considered for employment. Location US-Home Office/ Remote Positions 1 Category Management - Other Management Travel Requirements 0-20%