Assistant Cybersecurity Program Manager Jobs in Worcester, MA

US LBM is one of the leading and fastest growing distributors of specialty building materials in the United States, with a team of over 15,000 employees located throughout the country. Since our founding in 2009, we have acquired over 70 companies and have expanded to more than 500 locations serving 37 states. US LBM is a progressive organization that promotes a unique culture that focuses on the value of its customers and associates. Developing our people is critical to our strategy and fostering our culture of empowerment.

.

Position Overview

The Senior Manager, Cybersecurity Operations, serves as a key leader responsible for directing the daily functions of US LBM’s cybersecurity defense and incident response activities. This role is charged with ensuring the efficient oversight of cybersecurity operations team, the execution of industry best practices, and the proactive identification, mitigation, and resolution of cyber threats.

• Lead and manage the Cybersecurity Operations team.
• Develop, implement, and maintain security operations processes, policies, and procedures in alignment with industry standards and regulatory requirements.
• Oversee the continuous monitoring of security events, threat intelligence analysis, and the timely detection and response to security incidents.
• Coordinate and direct incident response activities, including investigation, containment, eradication, and recovery efforts for cyber events.
• Establish and maintain relationships with external partners and relevant industry groups to stay informed on emerging threats and best practices.
• Ensure the effective use of security tools and technologies, such as SIEM, IDS/IPS, endpoint detection and response, and vulnerability management platforms.
• Conduct regular risk assessments, vulnerability scans, and penetration tests to identify and address security gaps.
• Develop and deliver security awareness programs and training for staff across the organization.
• Prepare and present regular reports on the status of cybersecurity operations, incidents, and risk posture to executive leadership.
• Support audit and compliance activities related to cybersecurity, including SOX, or other relevant frameworks.
• Define and align cybersecurity policies, strategies, and standards, governing both internal cyber operations teams and external SOC providers.
• Maintain a robust Incident Response program to ensure effective responses to cybersecurity incidents.
• Act as the lead cyber incident commander during cybersecurity incidents, responsible for containment, eradication, and recovery efforts as appropriate.
• Manage multiple discrete projects and enhancements to continuously build, maintain, and mature cybersecurity capabilities across people, processes, and technologies.
• Engage and lead teams across the entire IT, OT, and managed services landscapes, ensuring seamless collaboration and effective cybersecurity practices.
• Make rapid, high-impact decisions to stop or mitigate complex attacks, including emergency actions in response to active incidents outside routine technology processes.
• Execute key operational decisions to address attacks and threats, such as spam/malware campaigns and criminal operations.
• Oversee the planning, development, implementation, and maintenance of the SOC, partnering with stakeholders to design and deploy strategies and solutions across various vendor platforms.
• Serve as a thought leader by researching and implementing innovative approaches to improve cybersecurity operations and strategy.
• Ensure strict adherence to cybersecurity controls, policies, and standards, with a focus on automation and control.
• Assess current IT architecture, business needs, and future requirements as they relate to SOC operations.
• Prepare and potentially present at Cyber Council, Senior Executive Team, and Board of Directors meetings, delivering senior-level technical reports for executive management.
• Oversee Cybersecurity Awareness Program
• Communicate regularly with IT and business teams (such as Legal, HR, and Security) to align cybersecurity goals, gather feedback, and foster collaboration.
• Manage relationships with third-party service providers, including negotiating contract terms.
• Stay current on cybersecurity trends, innovative solutions, emerging standards, and new threat vectors through professional publications, networking, and participation in industry organizations.
• Provide guidance to internal and external cyber teams on technologies including threat detection, engineering, incident response, security monitoring, vulnerability management, application and data security, threat intelligence, and SOC operations across IT and OT environments.
• Develop and implement best practices to enhance Cybersecurity Operations capabilities.
• Participate in external risk organizations and peer groups to learn from other organizations and benchmark the cybersecurity program.
• Operationalize threat models to protect against both existing and emerging threats.
• Ensure that cyber operations requirements are identified, well-defined, properly documented, and approved by relevant stakeholders.

• Bachelor’s or Master’s degree in Computer Science, Information Security, Information Technology, or a related field.
• 7+ years of progressive experience in information security, with at least 3 years in a leadership or managerial role within a security operations environment.
• Relevant certifications such as CISSP, CISM, GIAC, or equivalent are highly preferred.
• Strong understanding of cybersecurity security operations, threat intelligence, and incident response methodologies.
• Experience with managing an external security operations center (SOC), security event monitoring, and advanced persistent threat (APT) detection.
• Excellent communication, leadership, and interpersonal skills, with the ability to effectively manage teams and interact with stakeholders at all levels.
• Demonstrated ability to analyze complex situations, prioritize tasks, and drive results in a fast-paced environment.
• Experience with cloud security, network security, endpoint protection, and vulnerability management technologies.

• Experience managing hybrid or remote teams.
• Proven track record in developing and executing cybersecurity strategies and roadmaps.
• Strong project management and organizational skills.
• Ability to stay current with rapidly evolving threat landscapes and security technologies.

.

US LBM Holdings, LLC, is an equal-opportunity employer. We do not discriminate on the basis of race, color, religion, creed, national origin or ancestry, sex, age, physical or mental disability, veteran or military status, genetic information, sexual orientation, gender identity, marital status, military status, order of protection status, or any other legally recognized protected basis under federal, state, or local law.