MANAGER CYBERSECURITY Contract to Hire

MANAGER CYBERSECURITY Contract to Hire open Job September 2024

Contract to Hire

Remote position

Hourly Rate for the Contract term and then Annual Base Salary Range for perm conversion

Job Summary

The Cybersecurity Manager is responsible for leading the development, implementation, and ongoing maintenance of the organization's cybersecurity risk management program. This includes managing the vendor risk assessment process, conducting regular reviews of existing vendors' security posture, and performing ad-hoc assessments in response to emerging threats. The role requires a deep understanding of cybersecurity principles, risk assessment methodologies, and the ability to analyze the threat landscape.

As the primary point of contact for all HIPAA security and internal audits, the Cybersecurity Manager will work closely with other members of the organization to ensure that the program is aligned with regulatory compliance requirements and industry standards. This includes working in close relation to others for all SEC/SOX compliance audits and owning the eDiscovery process and management.

The Cybersecurity Manager will have two direct reports and will report to the CIO. This role will be expected to collaborate with all departments in the organization to write and update policies and maintain strong relationships with legal and compliance teams.

In summary, the Cybersecurity Manager plays a critical role in ensuring the organization's cybersecurity risk management program is effective, up-to-date, and aligned with industry standards and regulatory requirements.

Essential Functions and Work Responsibilities

Develop and implement a comprehensive cybersecurity risk management program aligned with industry best practices and organizational objectives.

Conduct regular risk assessments and vulnerability assessments to identify potential threats and vulnerabilities in the organization's systems, networks, and infrastructure.

Collaborate with cross-functional teams to establish and maintain a risk management framework, including the identification, assessment, mitigation, and monitoring of cybersecurity risks.

Lead the development of risk mitigation strategies and action plans, ensuring timely and effective response to identified risks.

Establish key performance indicators (KPIs) and metrics to measure the effectiveness of the cybersecurity risk program and report regularly to senior management and stakeholders.

Stay current on emerging cybersecurity threats, trends, and technologies to continuously improve the organization's risk management strategies.

Provide guidance and support to internal teams on cybersecurity risk-related matters, promoting a culture of awareness and accountability.

Coordinate and facilitate communication between different departments to ensure a unified approach to cybersecurity risk management.

Conduct regular training and awareness programs to educate employees on cybersecurity best practices and the importance of risk mitigation.

Develop and maintain relationships with external partners, regulatory bodies, and industry peers to stay informed about the latest cybersecurity developments and regulatory requirements.

REQUIRED

Education

Bachelor s degree in computer science, information security or other related field or a combination of education and experience.

Work Experience and Qualifications

Possesses a strong understanding of cybersecurity principles, risk assessment methodologies, and threat landscape analysis.

Knowledge of regulatory compliance requirements and industry standards.

5+ years of relevant experience with a degree or 8+ years of relevant experience without a degree

Proficiency in performing risk assessments, controls, design, and testing required.

Previous healthcare experience strongly preferred.

Experience working in SOX-related environments with narratives, control execution, and testing preferred.

Licensure, Certification, Registration or Designation

At least 2 GRC or cybersecurity related certifications, including, but not limited to:

o Certified in Risk and Information Systems Control (CRISC)

o Certified Information Systems Auditor (CISA)

o Certified Information Security Manager (CISM)

o Certified in the Governance of Enterprise IT (CGEIT)

o Certification in Control Self-Assessment (CCSA)

o Certified Internal Auditor (CIA)

o Certified Government Auditing Professional (CGAP)

o Certified Financial Services Auditor (CFSA)

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.