IT Cybersecurity Manager

Cyber Security Manager

Full-Time (40hrs) / Exempt

Position Description:

The Information Technology Cybersecurity Manager plays a critical role in safeguarding the firm's digital assets, ensuring compliance with cybersecurity policies, and protecting sensitive client information. This role is responsible for developing and enforcing security strategies, leading incident response efforts, and proactively identifying and mitigating threats. The position also oversees security awareness training, collaborates with internal teams to integrate security best practices into business operations, and manages third-party security vendors to strengthen the firm's cybersecurity posture. As a key contributor to the firm's security strategy, this role ensures the organization remains resilient against emerging cyber threats while maintaining the trust of its clients.

Responsibilities:

• Develops and implements cybersecurity policies, procedures, and risk mitigation strategies in alignment with industry standards (NIST, ISO 27001, CIS Controls, etc.).
• Analyzes and evaluates security risks, providing strategic recommendations to leadership.
• Exercises independent discretion in designing and enforcing security frameworks to meet regulatory compliance (SOX, CCPA, HIPAA)
• Oversees third-party security vendors, contracts, and cybersecurity projects, ensuring optimal security solutions and compliance.
• Leads the firm's cybersecurity awareness and training programs, educating employees on security policies and best practices.
• Serves as the primary decision-maker for cybersecurity incident response, forensic analysis, and risk mitigation strategies.
• Conducts vulnerability assessments, penetration tests, and security audits to identify risks and implement remediation plans.
• Manages technology investments and procurement recommendations for security infrastructure.
• Collaborates with firm leadership and IT teams to integrate security measures into business operations and technology implementations.
• Maintains detailed logs, documentation, and reports related to security incidents, compliance audits, and risk assessments.
• Stays up-to-date with emerging cybersecurity threats, trends, and regulatory requirements to ensure continuous improvement in security posture.

Qualifications:

Required Education and Experience:

• Bachelor's degree required in Cybersecurity, Computer Science, Information Technology, or a related field.
• Master's degree preferred.
• Minimum 5 years of experience in cybersecurity strategy, risk management, and compliance.
• CISSP, CISM, or equivalent cybersecurity certification required.
  Additional Eligibility Qualifications Preferred:
• Special technical knowledge of the techniques and procedures of software, hardware and network support for multiple users.
• Understanding of installation, configuration and troubleshooting processes for software, hardware, networking and accessory equipment.
• Experience with personal computer equipment. Must have advanced personal computer word processing, spreadsheet, database, DOS/Powershell and Windows skills and Linux environment.
• Strong knowledge of cybersecurity frameworks (e.g., NIST, ISO 27001) and regulatory requirements (e.g., SOX, CCPA and HIPAA).
• Experience with tools such as firewalls, SIEM solutions, endpoint protection platforms, and vulnerability scanners.
• Knowledge of network protocols, systems architecture, and cloud security.
• Excellent problem-solving, analytical, and decision-making skills.
• Ability to work independently and collaboratively in a fast-paced environment.
• Strong verbal and written communication skills.

Benefits:

• Teleworking
• Medical, dental, vision and life insurance
• 401k retirement plan
• Paid sick and vacation time
• Paid volunteer time off / Matching Donations
• Referral bonus program
• CPA/EA license incentives and professional membership reimbursements

Note: Benefits may vary depending on specific employment terms