MANAGER CYBERSECURITY Contract to Hire
MANAGER CYBERSECURITY Contract to Hire open Job September 2024
Contract to Hire
Remote position
Hourly Rate for the Contract term and then Annual Base Salary Range for perm conversion
Job Summary
The Cybersecurity Manager is responsible for leading the development, implementation, and ongoing maintenance of the organization's cybersecurity risk management program. This includes managing the vendor risk assessment process, conducting regular reviews of existing vendors' security posture, and performing ad-hoc assessments in response to emerging threats. The role requires a deep understanding of cybersecurity principles, risk assessment methodologies, and the ability to analyze the threat landscape.
As the primary point of contact for all HIPAA security and internal audits, the Cybersecurity Manager will work closely with other members of the organization to ensure that the program is aligned with regulatory compliance requirements and industry standards. This includes working closely with others on all SEC/SOX compliance audits and owning the eDiscovery process and its management.
The Cybersecurity Manager will have two direct reports and will report to the CIO. This role will be expected to collaborate with all departments in the organization to write and update policies and maintain strong relationships with legal and compliance teams.
In summary, the Cybersecurity Manager plays a critical role in ensuring the organization's cybersecurity risk management program is effective, up-to-date, and aligned with industry standards and regulatory requirements.
Essential Functions and Work Responsibilities
Develop and implement a comprehensive cybersecurity risk management program aligned with industry best practices and organizational objectives.
Conduct regular risk assessments and vulnerability assessments to identify potential threats and vulnerabilities in the organization's systems, networks, and infrastructure.
Collaborate with cross-functional teams to establish and maintain a risk management framework, including the identification, assessment, mitigation, and monitoring of cybersecurity risks.
Lead the development of risk mitigation strategies and action plans, ensuring timely and effective response to identified risks.
Establish key performance indicators (KPIs) and metrics to measure the effectiveness of the cybersecurity risk program and report regularly to senior management and stakeholders.
Stay current on emerging cybersecurity threats, trends, and technologies to continuously improve the organization's risk management strategies.
Provide guidance and support to internal teams on cybersecurity risk-related matters, promoting a culture of awareness and accountability.
Coordinate and facilitate communication between different departments to ensure a unified approach to cybersecurity risk management.
Conduct regular training and awareness programs to educate employees on cybersecurity best practices and the importance of risk mitigation.
Develop and maintain relationships with external partners, regulatory bodies, and industry peers to stay informed about the latest cybersecurity developments and regulatory requirements.
REQUIRED
Education
Bachelor's degree in computer science, information security, or another related field, or a combination of education and experience.
Work Experience and Qualifications
Possesses a strong understanding of cybersecurity principles, risk assessment methodologies, and threat landscape analysis.
Knowledge of regulatory compliance requirements and industry standards.
5+ years of relevant experience with a degree or 8+ years of relevant experience without a degree
Proficiency in performing risk assessments, controls, design, and testing required.
Previous healthcare experience strongly preferred.
Experience working in SOX-related environments with narratives, control execution, and testing preferred.
Licensure, Certification, Registration or Designation
At least 2 GRC or cybersecurity related certifications, including, but not limited to:
o Certified in Risk and Information Systems Control (CRISC)
o Certified Information Systems Auditor (CISA)
o Certified Information Security Manager (CISM)
o Certified in the Governance of Enterprise IT (CGEIT)
o Certification in Control Self-Assessment (CCSA)
o Certified Internal Auditor (CIA)
o Certified Government Auditing Professional (CGAP)
o Certified Financial Services Auditor (CFSA)