- Company Name
- Vessco Water
- Job Title
- Cybersecurity Manager
- Job Description
**Job Title:** Cybersecurity Manager
**Role Summary:**
Lead the enterprise cybersecurity program, translating strategic objectives into actionable controls, policies, and roadmaps. Oversee governance, risk, and compliance (GRC) activities; manage security engineering and operations; chair the Cybersecurity Risk Committee; and coordinate with IT, legal, finance, and HR to align cybersecurity initiatives with business goals.
**Expectations:**
- Develop, validate, and operationalize a multi‑year cybersecurity roadmap, aligning with business objectives and enterprise risk appetite.
- Maintain ongoing alignment with IT strategy, digital transformation, mergers & acquisitions, and private‑equity value creation.
- Provide senior leadership with quarterly briefings on risk posture, KPIs, and investment recommendations.
- Chair and manage the Cybersecurity Risk Committee, ensuring timely action on decisions and compliance.
**Key Responsibilities:**
1. **Strategic Leadership** – Create and ratify enterprise cybersecurity roadmap; define and track KPIs/KRIs; partner with VP of IT Infrastructure & Operations.
2. **Governance, Risk & Compliance (GRC)** – Develop and enforce security policies aligned with NIST CSF, CIS Controls, ISO 27001, and CMMC; conduct risk assessments, vulnerability management, and compliance initiatives; oversee incident response planning and tabletop exercises; support legal and HR on data privacy and regulatory compliance.
3. **Cybersecurity Engineering & Operations** – Design secure architectures across servers, networks, endpoints, and cloud (Microsoft 365/Azure, AWS); select and optimize security tools (EDR, SIEM, IAM/MFA, PAM, DLP, backup/BC); manage external MSSP/SOC partners; review security architecture for new systems, integrations, and acquisitions.
4. **Awareness & Culture** – Partner with HR and communications to deliver phishing simulations, training campaigns, playbooks, and user‑friendly communications; promote a cybersecurity‑aware culture.
**Required Skills:**
- Leadership and communication with cross‑functional stakeholders.
- Deep knowledge of NIST CSF, CIS Controls, ISO 27001, CMMC, and other frameworks.
- Experience managing MSSP, penetration testing firms, and compliance assessors.
- Proficiency with Microsoft 365, Azure, Active Directory, firewalls, network segmentation, vulnerability management, and patching.
- Strong analytical, problem‑solving, and risk‑management abilities.
**Required Education & Certifications:**
- Bachelor’s degree in Information Security, Computer Science, or related field (Master’s preferred).
- 7+ years of cybersecurity experience, including 3+ years in a management or lead role.
- Certifications: CISSP, CISM, or CISA strongly preferred; CompTIA Security+ or equivalent; NIST CSF or CMMC practitioner credentials a plus.
Chanhassen, United States
Hybrid
Senior
19-11-2025