Manager of Cybersecurity

Description

The Manager of Cybersecurity will lead our organization’s efforts in protecting critical information assets and ensuring the highest standards of data security. This role will oversee the development and execution of cybersecurity strategies, manage threat detection and response initiatives, and ensure compliance with regulatory requirements. The ideal candidate will combine deep technical expertise with strong leadership and strategic vision to safeguard the organization against evolving cyber threats. This position will report to the Sr. Director of Information Technology & Cybersecurity. 

The role will be our Subject Matter Expert (SME) for cybersecurity posture. They will work with the latest technologies and products we select to protect our infrastructure, systems, and data as well as aid int he selection and implementation of new security solutions necessary to support our digital journey. This role will evaluate new security technologies to better improve efficiencies, security posture and meet business objectives, as well as support a secure architecture including technology solutions for both Information Technology (IT) and Operational Technology (OT).

The ideal candidate will have a thorough understanding of complex IT systems and be up to date with the latest security standards, systems, and protocols, as well as best practice security policies, procedures, and products. In addition to deep technical skills the candidate should have excellent communication and customer facing skills to cultivate and drive a culture of security awareness and compliance across the organization.

Requirements

Responsibilities 

• Customer Focus: Institute a core focus on Customer Service and delivery of excellent support. The culture of customer service and the desire to help users must be foremost in this role. It should be passed onto the rest of the team as a requirement, and it must be ingrained in the way we operate. 
• Strategic Leadership: Develop and implement a comprehensive cybersecurity strategy aligned with organizational goals and industry best practices. Conduct regular risk assessments and develop mitigation plans to address vulnerabilities. Stay current on emerging threats, technologies, and regulatory requirements to adapt and enhance security measures. Support integration of systems and data between corporate IT and Plant systems with focus on cyber security, risk, performance and total cost of ownership.
• Team Leadership: Manage and mentor a team of engineers, fostering skill development and collaboration. Allocate resources effectively to support operational and project-based initiatives.
• Operations and Management: Lead a team of cybersecurity professionals, ensuring effective monitoring, threat analysis, and incident response. Oversee the configuration, deployment, and maintenance of security tools, including firewalls, endpoint protection, intrusion detection/prevention systems (IDS/IPS), and SIEM solutions. Establish and enforce security policies, procedures, and controls across the organization.
• Incident Response and Recovery: Develop and manage an incident response plan, including coordination of responses to security breaches or attacks. Collaborate with IT and business units to ensure effective disaster recovery and business continuity planning. Conduct post-incident analyses to identify lessons learned and enhance preventive measures.
• Compliance and Reporting: Ensure compliance with applicable laws, regulations, and standards such as GDPR, CCPA, HIPAA, PCI-DSS, and ISO 27001. Provide regular reports to senior leadership on the state of cybersecurity, including risk assessments and mitigation efforts. Conduct security awareness training programs to educate employees on best practices and emerging threats. Maintain and manage all relevant documentation, credentials, licensing, etc. 
• Budgeting and Vendor Management: Manage the cybersecurity budget, including hardware, software, and service agreements. Evaluate and negotiate contracts with vendors, ensuring cost-effectiveness and alignment with business requirements.
• Innovation and Continuous Improvement: Stay updated on emerging technologies and trends in enterprise cybersecurity to recommend innovative solutions. Identify and implement opportunities to improve reliability, security and system performance. Provide architectural assessments, strategies, and roadmaps for systems selection and implementation. Define technical evaluation criteria for product and technology selection and determine technical approaches to ensure solutions result in a coherent systems design.
• OT Knowledge and Support: Support the IT/OT integration of our assets. Work with other teams across the organization to design, test, secure and enable the proper use of OT data and Systems.

Required Qualifications

• 10+ years of relevant experience in cybersecurity
• Bachelor’s degree in Computer Science, Information Systems, Cybersecurity or related field
• Deep understanding of security frameworks (e.g., NIST Cybersecurity Framework, CIS Controls).
• Expertise in threat modeling, penetration testing, and vulnerability management.
• Hands-on experience with security tools such as firewalls, IDS/IPS, SIEM (e.g., Splunk, LogRhythm), and DLP solutions.
• Knowledge of encryption technologies, authentication protocols, and identity management solutions (e.g., IAM, SSO, MFA).
• Familiarity with cloud security best practices across platforms like AWS, Azure, and Google Cloud.
• Proficiency in incident response methodologies and forensic investigation tools.
• Experience with automation and scripting (e.g., Python, PowerShell) to streamline security operations.
• Preferred Certifications: CISSP, CISM, CISA, CEH, or GAIC
• Proven track record of leading large-scale, complex IT initiatives
• Strong written and verbal communication skills with ability to effectively communicate and present security risk concepts with non-technical stakeholders and cross-functional teams

Location

Fervo Energy is headquartered in Houston, TX with satellite offices in the Bay Area, CA, Golden, CO and Reno, NV. This position will be eligible for some hybrid work flexibility, but regular in-office presence at the Houston office will be required. Some travel is required for this position.