The Senior Cybersecurity Manager is responsible for managing and providing services related to a broad range of cyber disciplines, including maturity assessments, cyber program design and policy development. They work on-site and off-site to evaluate client compliance with common industry standards and regulations.
The Senior Cybersecurity Manager must have working knowledge of leading cyber frameworks. They assist with managing client engagements, work with and delegate tasks to team members, draft and review deliverables, and interact directly with client personnel.
Lead a team of skilled experts, and together, perform cybersecurity assessment interviews, reporting, and delivery of regulatory assessments (NIST, ISO, PCI, etc.), risk analyses, and additional cybersecurity related projects.
- Manage and perform cybersecurity control assessments in a wide variety of business environments, including:
  - NIST Cybersecurity Framework (CSF)
  - HIPAA Security Rule
  - Cloud Security Controls
- Document and review assessment results and prepare project deliverables that reflect analysis and observations to be communicated to client management.
- Provide trusted advisory services and guidance to clients that will reduce organizational risk and improve their overall security posture
- Contribute to the development of the team’s assessment methodologies that help increase assessment efficiencies.
- Develop and maintain cybersecurity practices and methodologies that help support Focal Point’s cyber related initiatives and project efficiencies.
- Actively participate in the local cybersecurity community (e.g., LinkedIn, local events, online forums), and assist in creating cybersecurity white papers on hot topics and current events that will provide guidance to current and potential clients.
- 6+ years working in a consulting role as a Cybersecurity Manager or Senior Consultant or related field experience
- 6+ years working with security controls and understanding operational risk tolerance
- 6+ years’ experience performing cybersecurity and/or security gap assessments
- Understanding of data protection, classification, and management controls
- Providing trusted advisory services and guidance to clients that will reduce organizational risk and improve their overall security posture
- Preparing and reviewing reports and other deliverables that contain strategy, technical analysis, and findings in connection with our advisory and assessment engagements and communicating those results to client management
- Proven ability to manage staff in the completion of engagements on time with limited necessary revision
- Experience with assisting with business development activities, as a subject matter expert, including proposal development and sales calls
- Preparing proposals and statements of work for future engagements
- Experience with the performance of Business Impact Analyses (BIAs) along with development of business continuity and disaster recovery plans (BCPs and DRPs)
- BA, BS, or relevant business degree
- Ability to travel up to 50% (post pandemic)
- Knowledge of the leading industry frameworks (NIST, ISO, etc.)
- Additional experience or understanding of PCI, CMMC, and other cyber disciplines (IAM, penetration testing, etc.)
- CISSP, CISM, and/or other certifications