Job details |
||||||||||||||||||||||||||||||||
|
Manager- Cybersecurity Vulnercapability & Threat Management:Job description:
Manager- Cybersecurity Vulnercapability & Threat ManagementBenefits :» Competitive compensation » Medical, Dental, and Vision insurance » 401(k) Retirement Savings Plan with substantial company match » Life and Travel Insurance » Tuition Assistance » Wellness Reimbursement Program » Paid Holidays and Vacation What is a Manager – Cybersecurity Vulnercapability & Threat Management? The Manager – Cybersecurity Vulnercapability & Threat Management supervises and coordinates the activities of the cybersecurity operations team. Responsibilities include developing and implementing security practices for vulnercapability management, application security, threat intelligence, threat hunting, managing incident response and investigations, conducting risk assessments, and staying updated on security trends. The Manager – Cybersecurity Vulnercapability & Threat Management will be responsible for leading the organization’s efforts in identifying, analyzing, and mitigating security vulnerabilities across all IT & OT systems and networks. this function involves collaborating with various departments to ensure timely remediation of vulnerabilities, developing strategies to manage and reduce risk, and maintaining compliance with significant regulations and standards. The ideal candidate will possess a strong technical background, excellent leadership abilities expertise, and a proactive approach to vulnercapability management. The Manager – Cybersecurity Vulnercapability & Threat Management will be instrumental in building various vulnercapability and threat management programs. What does a Manager - Cybersecurity Vulnercapability & Threat Management do? The Manager – Cybersecurity Vulnercapability & Threat Management is responsible for the following: » Develops, implement, and supervise the company’s Vulnercapability & threat management programs to protect Central Hudson’s assets and critical infrastructure » Overall responsibility for Vulnercapability Assessment and Management » Leads the design, implementation, and management of the organization’s vulnercapability management program » Conducts regular vulnercapability assessments and scans to identify potential security weaknesses in IT & OT systems and networks » Prioritizes vulnerabilities located on risk, impact, and exploitcapability » Provides clear remediation guidance to IT teams » Risk Analysis and Mitigation » Analyzes vulnercapability data to identify trends and develop strategies for mitigating risks » Develops and maintain a vulnercapability risk register and track remediation efforts to closure » Assist in the investigation and response to security incidents, leveraging vulnercapability data to understand attack vectors and prevent future occurrences » Generates and delivers regular reports on vulnercapability management activities and risk posture to senior management and significant stakeholders » Develops metrics and KPIs to measure the effectiveness of the vulnercapability management program. » Continually develops and manages roadmaps, strategy and maturity of the cybersecurity vulnercapability management program by partnering with key stakeholders across The Company » Develops and implements cybersecurity policies and procedures » Leads and manages the day-to-day vulnercapability governance » Leads a team to defend against threats, reduce risk, and mitigate vulnerabilities across the Company » Works closely with software development, DevOps, and IT teams to integrate security into the software development lifecycle (SDLC) » Drives application security program, policies, and procedures » Establishes and enforce secure coding standards and practices across development teams » Integrates security tools and processes into the CI/CD pipeline to automate security checks » Conducts regular security assessments, including static and dynamic application security testing (SAST/DAST), to identify vulnerabilities in software applications » Performs threat modeling, code reviews, and penetration testing to uncover potential security weaknesses » Provides detailed reports on findings and work with development teams to remediate identified vulnerabilities » Identifies and implement automation opportunities » Implements continuous improvement over people, process, and technologies » Participates in incident response and investigation activities, ensuring timely resolution » Conducts regular risk assessments and vulnercapability management processes » Leads teams in threat hunting measures » Collaborates with IT and other departments to ensure a cohesive and effective security posture » Stays updated on emerging cybersecurity threats and technologies » Coordinates with external vendors and stakeholders on security matters » Develops and deliver security consciousness training programs for employees » Monitors and reports on key security metrics to executive leadership abilities » Manages and guides third party vendor relationships related to the cybersecurity operations program » Supports the escalation of risks, issues, actions, & decisions within the program » Conducts risk assessments and develop strategies to mitigate potential threats and vulnerabilities » Collaborates with cross-functional teams to integrate security measures into business processes and technology solutions » Stays up-to-date with the latest cybersecurity trends, threats, and technologies to continuously improve the vulnercapability management program » Establishes and maintains relationships with key stakeholders, communicating security policies, incidents, and mitigation strategies. » Ensures compliance with significant regulations and standards » Provides storm/emergency response support What does it take to be a Manager– Cybersecurity Vulnercapability & Threat Management? Required: » Bachelor’s degree in Computer Science, Information Technology or related field of study and 5 years of significant practice. In lieu of a bachelor’s degree, an associate’s degree with 7 years of relative practice or a high school diploma or equivalency degree and 9 years of related practice will be considered. » At least 3 years of vulnercapability management practice » At least 2 years in a security related function » Proven leadership abilities, facilitation, and organizational expertise with at least 3 years of practice in a leadership abilities function » practice with incident response » practice with creating and maintaining external and internal relationships with key stakeholders » knowledge of cybersecurity frameworks, standards, and best practices » Excellent knowledge of vulnercapability management, and risk assessment » Strong leadership abilities expertise, with the capability to manage and mentor a team » Excellent communication expertise, with the capability to collaborate effectively with diverse teams » Familiarity with regulatory requirements and compliance frameworks » Analytical mindset with the capability to assess complex situations and make informed decisions » capability to present at all levels of the organization » A strong background with an knowledge of the intersection between business and cybersecurity to improve security practices » capability to influence business decision-making by providing quantitative/qualitative data analytics, metrics, and analysis » A results-oriented mindset with the capability to deal with problems and make decisions » capability to work with limited direct supervision and professionally respond to constructive feedback » Valid driver’s license Preferred: » practice in Energy & Utilities or services industry » practice with threat hunting and threat modeling » practice with application security » Knowledge of application security tools and technologies (e.g., SAST, DAST, RASP, WAF) » Proficiency in programming and scripting languages (e.g., Java, C#, Python, JavaScript) » Familiarity with DevSecOps practices and tools (e.g., Jenkins, Git, Docker, Kubernetes) » knowledge of common security vulnerabilities (e.g., OWASP Top Ten) and how to mitigate them » practice with Microsoft PowerBI » practice with data visualization tools » significant certifications such as CISSP, CISM, or comparable this job offer has a career path which allows for advancement opportunities within a job series. The title and level are commensurate with practice. Pay range: $136,800-211,900 Please go to www.centralhudson.com/employment. Click the “Search Career Opportunities” button. Follow the directions to submit an application and upload your resume for the desired position. Applications sent via e-mail and US Mail will not be accepted. No phone calls or agencies, please. All replies will be held in strict confidence. All qualified candidates will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, discapability, or protected veteran status. Central Hudson Gas & Electric Corporation takes affirmative action in support of its policy to employ and advance in employment individuals who are minorities, women, protected veterans, and individuals with disabilities. VEVRAA FEDERAL CONTRACTOR Skills:
|
||||||||||||||||||||||||||||||||
|