Cybersecurity Manager

Wakefield & Associates

Knoxville, TN

Vision , Medical , Dental , Paid Time Off , Life Insurance , Retirement
Full-Time

General Summary of Duties

As the Cybersecurity Manager, you will be responsible for overseeing and enhancing our cybersecurity posture, with a primary focus on Security Information and Event Management (SIEM) Management, Vulnerability Management, process and controls implementation, vendor relationships, internal business relationships, and security remediations. The ideal candidate will possess accredited certifications and a proven track record of success in managing complex cybersecurity environments. The Cybersecurity Manager will report to the Director of IT Operations.

Key Responsibilities

Vulnerability Management

Oversee the vulnerability assessment and remediation program, ensuring timely identification, prioritization, and mitigation of security vulnerabilities across the organization's infrastructure.
Coordinate with IT teams to implement patch management processes and deploy security updates promptly.

Process and Controls

Establish and enforce cybersecurity policies, standards, and procedures aligned with industry best practices and regulatory requirements.
Conduct regular assessments and audits to ensure compliance with established security protocols and identify areas for improvement.
Establish and maintain a compliance framework tailored to our organization's needs, including policies, procedures, and controls.

Vendor Relationships

Manage relationships with cybersecurity vendors and service providers, including security software vendors, consulting firms, and Managed Security Service Providers (MSSPs).
Evaluate vendor products and services, negotiate contracts, and ensure that vendors adhere to agreed-upon service level agreements (SLAs) and security requirements.

Internal Business Relationships

Collaborate closely with cross-functional teams, including IT, risk management, legal, and business units, to integrate cybersecurity considerations into business processes and initiatives.
Provide guidance and support to internal stakeholders on cybersecurity matters, including risk assessments, incident response, and security awareness training.
Engage with client teams to provide direction and oversight to successfully complete cybersecurity and compliance audits.

Certification Acquisition

Identify opportunities for obtaining additional certifications that align with our business objectives and industry requirements.
Develop and execute strategies to achieve certification goals, including gap assessments, remediation plans, and readiness assessments.

Security Remediations

Lead incident response efforts, including containment, investigation, and recovery, in the event of cybersecurity incidents or breaches.
Develop and maintain incident response plans, playbooks, and communication protocols to facilitate swift and effective response to security incidents.

Qualifications:

Bachelor's degree in computer science, Information Technology, or equivalent experience.
Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent certifications preferred.
Proven experience in managing security and log management platforms, such as Splunk, CrowdStrike, or Rapid7, in enterprise environments.
In-depth knowledge of vulnerability management processes, tools, and techniques, including vulnerability scanning and penetration testing.
Strong understanding of cybersecurity frameworks, such as NIST Cybersecurity Framework, ISO 27001, PCI, or CIS Controls.
Proven experience implementing cybersecurity initiatives and roadmaps to support strengthening security posture across multiple business verticals.
Excellent communication and interpersonal skills, with the ability to effectively engage with stakeholders at all levels of the organization.
Demonstrated leadership capabilities to mentor professionals within the team to support cybersecurity methodologies and initiatives.

Benefits: