Cybersecurity & Infrastructure Manager

Job Overview:

We are seeking an experienced Cybersecurity professional to lead the development and implementation of a comprehensive cybersecurity program, establishing a specialized cybersecurity team. The role involves overseeing the implementation of SOC2 Type 2 compliance and preparing for fieldwork associated with the audit. This is a strategic and practical and active role, requiring collaboration across IT operations and security functions to ensure the organization’s infrastructure and data are secure, resilient, and compliant.

Primary Job Responsibilities:

• Cybersecurity Leadership: Build, lead, and mentor a cybersecurity team, fostering a culture of security awareness and best practices.
• SOC2 Implementation: Develop and implement the SOC2 Type 2 program, ensuring all policies, controls, and documentation meet audit requirements.
• Audit Preparation: Coordinate with auditors and internal teams to facilitate successful completion of SOC2 Type 2 audits.

• Infrastructure Security: Collaborate with IT teams to design and implement secure infrastructure systems in cloud and on-premise environments.
• Risk Assessment: Conduct regular security risk assessments and develop mitigation strategies.
• Policy Development: Create and enforce cybersecurity policies and procedures aligned with organizational objectives and compliance requirements.
• Monitoring and Detection: Implement tools and processes for real-time threat detection, monitoring, and response.
• Incident Response: Lead the development and execution of an incident response plan to address security breaches and vulnerabilities.
• Training: Provide training and guidance to staff on cybersecurity protocols and best practices.
• Stakeholder Communication: Serve as a key advisor to senior leadership on cybersecurity trends, risks, and solutions.
• Vendor Management: Evaluate and manage vendor solutions to ensure alignment with cybersecurity objectives.
• Perform other duties as needed or required.

Education/Experience:

• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field.
• Minimum of six (6) years of experience in IT infrastructure, cybersecurity, or related fields, with proven experience in SOC2 compliance implementation.

Qualifications:

• Strong understanding of SOC2 Type 2 compliance requirements and fieldwork preparation.
• Demonstrated experience in building and managing cybersecurity teams.
• Expertise in firewalls, intrusion detection systems, anti-virus software, and data encryption techniques.
• Proficiency with cloud security solutions and virtualization technologies.
• Experience in risk assessment tools, technologies, and methods.
• Knowledge of risk assessment tools, technologies, and methodologies.
• Strong organizational and multitasking skills.
• Excellent critical thinking skills and diligence.
• Exceptional communication and interpersonal abilities.
• Ability to work independently and manage multiple priorities in a challenging environment.
• Understanding of HIPAA regulations and data protection standards.

Required Licenses/Certifications:

• Industry-recognized certifications such as CISSP, CISM, or equivalent.
• Certifications in cloud security (e.g., AWS Certified Security Specialty, Azure Security Engineer Associate) are preferred.

Physical Requirements:

• Ability to sit for extended periods of time.
• Repetitive movement of fingers and hands
• Talking and hearing
• Reaching with hands and arms
• Clarity of vision at 20 feet or less

Mental Requirements:

• Read, evaluate and interpret data.
• Performing Data entry mathematical operations

Work Environment:

• Standard office environment

Hazards:

• None