Cyber Security Manager

Role Overview 
We’re looking for a highly technical Cyber Security Manager to be a key member of a small, skilled, results-oriented team. You will carry forward our in-place SOC2 and TX-RAMP compliance programs, reduce risk while you improve security strategy, and provide hands on technical leadership. 
As a Cyber Security Manager you’ll be working with Engineering and Product teams in documenting, developing, and reviewing solutions and plans around information security, data privacy, compliance, and risk management.

A day in the life of a Cyber Security Manager:

• Serve as a technical advisor and leader for Cyber Security solutions 
• Lead the efforts around compliance with SOC 2, CCPA, and other regulations  
• Enhance security posture and risk-mitigation strategy  
• Solve business needs with short-term deliverables, while constantly improving and moving towards long-term architectural goals 
• Generate new ideas, and the path to get there 
• Lead on security-related incident response, concerns, and alerts   
• Manage the security infrastructure and tactical execution / delivery of security deliverables 
• Collaborate with engineering teams to ensure that software development, processes and outputs are aligned with compliance-related audit requirements  
• Enhance data storage security/ data loss prevention  
• Perform annual risk assessment of the company’s technology and related processes 
• Align technology and data protection strategy against the NIST 800.53 framework 
• Triage incidents and identify/connect the right teams to develop and manage responses 
• Maintain, train, and communicate our Cyber Security policies to ensure corporate requirements are met and best practices are implemented 
• Collaborate with sales and contract management to respond to customer inquiries, RFP/RFI security questionnaires, and review contract terms. Document commitments and any other security-related obligations made by Encoura to customers. 
• Coordinate with 3rd party vendors to review platforms for compliance with security controls 
• Continuously update and manage our security awareness training program for all employees, contractors and approved system users; and establish metrics to measure the effectiveness of this program 
• Monitor the external environment for emerging threats and advise relevant stakeholders on the appropriate course of action 

Role Progression

• Within 1 month, you will be learning about the company and priorities for near-term and long-term security / risk mitigation.  
• Within 3 months, you will lead the selection, activation and measurement of security-focused products and processes that align with the company’s priority to maintain its a Soc2 Type 2 and TX-RAMP certifications.  
• You will mentor your support your security team-members for tactical support of product and process. 
• Within 6 months, you will be opinionated on our performance and provide input to security-minded improvements. You will be thinking 6 months out and what comes next for us. If not already obtained, you would achieve the AWS Security Architect certification. 
• Within 1 year, you will help craft future security program capabilities and budget. 

About You

• Consultative and partnership approach to work 
• AWS Security Architect certification 
• Additional Professional level AWS certifications strongly preferred 
• Strong analytical and leadership skills  
• Be proactive in keeping your and your teams' skills fresh  
• Excellent communicator (written, verbal and presentations) 
• Ability to collaborate with technical and business teams 
• Experience securing large scale internet-facing AWS-based products and services (Kubernetes, compute, database, storage, and network technologies) 
• Experience in attaining and maintaining a Soc 2 Type 2 certification 
• Experience in attaining and maintaining a TX-RAMP certification  
• 5+ years of experience in Information Security working in cloud-based environments 
• CISSP, CISM, CCSP, CISA certifications preferred 
• BS in Computer Science, Software Engineering or equivalent, or a Bachelor’s in an unrelated field with at least 5 years of relevant work experience. 
• Relevant Master's degree is a plus. 

What Sets Us Apart

• Mission driven culture 
• Comprehensive health and benefits package 
• 401k company match that vestsimmediately upon participation 
• Paid holidays and a generous PTO policy 
• Paid parental leave

About Us
Encoura’s mission is to empower students and institutions to create meaningful connections so everyone can make the most informed decisions to achieve their goals. Since 1972, the company has evolved its products and services to better represent the link between students and higher education institutions and to create the highest probability of student success.  With the launch of the Encoura platform in 2017, the company provides custom technology solutions that combine Eduventures research, data science, strategic enrollment, and multichannel marketing services to over 2,000 higher ed institutions. The company also offers Encourage® —the nation’s largest free college and career planning program used by millions of high school students and educators nationwide.  Encoura is an Equal Employment Opportunity (EEO) employer. It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information. All applicants must be eligible to work in the U.S.  Encoura endeavors to make reasonable accommodations for applicants with disabilities and disabled veterans pursuant to applicable federal and state law. If you are an individual with a disability and require reasonable accommodation to complete any part of the application process or are limited in the ability and need an alternative method for applying, please contact the Talent Team. 
Applicants from California, please review the CA HR Privacy Notice.To review our privacy policy, please click this link: https://encoura.org/privacy-policy/