Sr. Manager Cybersecurity

GENERAL DESCRIPTION

The Sr. Manager of Cybersecurity is responsible for assisting in the establishment of and maintaining a global enterprise-wide cyber security management program to ensure that company resources, assets and reputation are adequately protected.  Key elements of the role include assisting the VP of IT Infrastructure & Cybersecurity in assessing the threat landscape, working with executive management to determine acceptable levels of risk for the organization and implementing strategies, policies, and initiatives to mitigate risk.

ESSENTIAL JOB FUNCTIONS

• Lead an information security planning process that establishes an inclusive and comprehensive framework that aligns with ISO 27001 and NIST standards.
• Work with the VP IT Infrastructure & Cybersecurity to establish the global security management program goals, objectives, metrics, and reporting mechanisms to measure the efficiency and effectiveness of the program, create a roadmap for continual program improvements.
• Develop, implement, and maintain security policies, procedures, and practices based on industry best practices and in compliance with agency policies and regulatory requirements and enforce adherence to security practices.
• Monitor security vulnerabilities, threats and events in network and host systems, anticipate new security threats and stay up to date with evolving infrastructures
• Develop and implement security projects that address identified risks and business security requirements.
• Create a framework for roles and responsibilities regarding information ownership, classification, accountability, and protection.
• Develop, implement, and manage the Computer Security Incident Response Plan and conduct electronic discovery and digital forensic investigations as necessary
• With support from the VP IT Infrastructure & Cybersecurity, develop and manage security talent, engaging/managing third parties as needed to ensure the required capabilities are available either internally or externally.
• Conduct information security risk assessments and risk management processes, providing security risk evaluation, mitigation and solutions to projects and initiatives and work with stakeholders.
• Lead efforts to maintain threat intelligence operations and conduct monthly threat briefings.
• Consult with IT teams to ensure that security is factored into the evaluation, selection, installation and configuration of hardware and software.
• Manage and conduct a global enterprise-wide cybersecurity training program.
• Design, coordinate and oversee security testing procedures to verify the security of systems, networks, and applications, and manage the remediation of identified risks.
• Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and follow policies and audit requirements.
• Implement procedures to monitor and ensure security patches on the agency’s systems are up to date.
• Work as a liaison with clients, vendors, legal and contract administration staff to establish mutually acceptable contracts and service level agreements
• Work in conjunction with technology team leaders to define, execute, and test robust Business Continuity and Disaster Recovery (BC/DR) capabilities, identity management, and operational monitoring needs. 
• Negotiate and manage contracts, as well as own and manage relationships, with key providers that pertain to cybersecurity partners and outsourced services. 
• Communicate and influence senior leadership regarding the strategic direction and funding requirements to support cybersecurity roadmap 
• Driving operational efficiencies, automation, and service improvement.
• Designing and executing a plan of consistent vulnerability and penetration testing; and managing remediation work.
• Lead efforts to achieve ISO 27001 and other appropriate certifications.
• Team engagement and continual development.
• Other duties as assigned.

PHYSICAL REQUIREMENTS

• Job requires the ability to use vision, adjust focus and work on a standard computer screen, operate a computer keyboard, mouse and other computer components
• Job may require sitting for extended periods of time
• Job will require regular and punctual attendance and will require presence on-site at the assigned work location

[The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.]

OTHER SKILLS AND ABILITIES

• Excellent verbal and written communication skills and excellent time management abilities.
• Demonstrated initiative, ability to exercise good judgment, and ability to achieve results through others.
• Strong knowledge of contracting, negotiating, organization development/change management, budgeting, action planning and supervision are required for successful performance.
• Very strong conceptual, analytical, judgment and communication abilities are critical.
• Strategy and planning: an ability to think ahead and plan over a 12 to 36-month time span.
• Strong customer orientation and excellent interpersonal and communication skills

EDUCATION AND EXPERIENCE

• Bachelor’s degree and a minimum of 8 years of cybersecurity application and infrastructure, technology management including five years of supervisory and project management experience.
• Demonstrated understanding of security standards and information security and compliance frameworks, controls, and best practices: (i.e. SSAE 16, SOC 2 and SOC3, OWASP Top 10, SANS, NIST)
• Business acumen necessary to develop and present data-based ideas and solutions in a clear, concise, and organized manner to senior level executives

CERTIFICATION AND LICENSES

• Certified Information Systems Security Professional (CISSP)

MUST COMPLETE PI ASSESSMENT IN ORDER TO BE CONSIDERED FOR THE POSITION:

https://assessment.predictiveindex.com/bo/28w/Candidate_Link

WHY SHOULD YOU WORK FOR CRANE?

At Crane, we believe in providing our employees with excellent benefits at a Great Place to Work.

We offer:

• Quarterly Incentive Plan
• 136 hours of Paid Time Off which equals 17 days for the year, that can be used for Sick Time or for Personal Use
• Excellent Medical, Dental and Vision benefits
• Tuition Reimbursement for education related to your job
• Employee Referral Bonuses
• Employee Recognition and Rewards Program
• Paid Volunteer Time to support a cause that is close to your heart and contributes to our communities
• Employee Discounts
• Wellness Incentives that can go up to $100 per year for completing challenges, in addition to a discount on contribution rates

Come join the leader in logistics and take your career in the right direction.

Disclaimer:

The above statements are intended to describe the general nature and level of work being performed by people assigned to this position. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities from time to time, as needed.

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

We maintain a drug-free workplace and perform pre-employment substance abuse testing.

This position requires the final candidate to successfully pass an E-Verify Check.

More Information: http://www.dhs.gov/e-verify 

Company benefits are contingent upon meeting eligibility requirements and plan conditions.