Sr. IT Cyber Security Manager

IT Cybersecurity Manager Houston TX
Salary:
On Site 5 Days a Week

The IT Cybersecurity Manager is charged with establishing executing and overseeing a comprehensive cybersecurity program that aligns with the NIST Cybersecurity Framework and a layered defense strategy. This position is responsible for safeguarding all of the IT systems and applications in an global corporate environment. This resource will be responsible for designing strategic security architectures implementing operational controls and ensuring compliance with security standards. The role involves leading multidisciplinary teams to deploy and manage cutting-edge security solutions in a Microsoft Office 365 Azure Zscaler and Cisco/Palo Alto environment.

Necessary Qualifications and Expertise

• In-depth experience with the NIST Cybersecurity Framework and layered defense security strategies.
• 5 years experience with Office 365 security infrastructure Azure Security Center Network Security Groups and ExpressRoute configurations.
• 5 years of hands-on experience with firewalls specifically with either Cisco or Palo Alto networking technologies (or both)
• Strong project management capabilities including developing business cases and overseeing projects from start to finish.
• Proven leadership skills with experience leading cybersecurity teams and collaborating across functions to implement technology solutions.
• Excellent communication abilities to develop policies create presentations and facilitate global communications.
• Expertise in email security DLP technologies and eDiscovery tools.
• Solid understanding of identity and access management practices including MFA deployment.
• Experience with security awareness platforms like KnowBe4.
• Skilled in managing audits ensuring compliance and mitigating cyber risk.
• Strong interpersonal skills for collaboration with global teams and stakeholders.
• CISSP certification is highly preferred.
• Bachelors degree in Information Technology Management Information Systems or related field.

• Develop update and enforce cybersecurity policies and protocols conforming to the NIST Framework to effectively manage risks and meet regulatory requirements.
• Implement a layered security approach that incorporates multiple defense mechanisms across network endpoint application and data infrastructures.
• Convert organizational risk management objectives into measurable technical security controls and key performance indicators.
• Lead annual penetration testing exercises per NIST protocols to proactively uncover and remediate vulnerabilities within corporate systems networks and applications.
• Oversee a continuous vulnerability monitoring program conducting scheduled scans swiftly identifying emerging risks and ensuring timely mitigation in accordance with industry guidelines.

• Manage the setup deployment and maintenance of Palo Alto firewall systems to secure both perimeter and internal network environments.
• Implement network safeguards such as port security DHCP snooping and dynamic ARP inspection to defend against MAC flooding unauthorized device connections and Layer 2 attacks.
• Utilize 802.1X authentication combined with Cisco Identity Services Engine (ISE) for dynamic network access control policy enforcement.
• Apply macro-segmentation strategies through VRFs and VLANs to segregate sensitive zones like IoT and guest networks from core enterprise infrastructure.
• Enforce micro-segmentation using Cisco TrustSec and Security Group Tags to restrict lateral traffic between workloads based on identity and context.
• Use NetFlow and IPFIX technologies to establish baseline network traffic patterns and detect anomalies such as lateral movement or data leaks.
• Leverage Azure Security Center Network Security Groups and ExpressRoute to protect cloud resources and hybrid network models.
• Conduct regular network security assessments and penetration tests to expose and address security gaps.

• Administer email protection systems including filtering encryption and anti-phishing controls.
• Deploy Data Loss Prevention (DLP) mechanisms across email endpoint and cloud platforms to prevent unauthorized data transfers.
• Manage electronic discovery (eDiscovery) to support compliance and legal investigations involving data retention.

• Enforce multi-factor authentication (MFA) on all critical systems to reduce risk of unauthorized access.
• Administer access rights and privilege controls within Office 365 and other enterprise environments.
• Integrate and promote security awareness initiatives using platforms like KnowBe4 to educate employees and prevent phishing attacks.

• Lead security audits and inspections to verify adherence to industry standards and regulatory requirements.
• Monitor compliance with cybersecurity policies and manage corrective actions for any identified weaknesses.
• Collaborate with legal compliance and IT stakeholders to oversee cyber risk management and vendor security evaluations.

• Supervise and coach cybersecurity team members to encourage skill development and continuous learning.
• Work closely with IT operations network and cloud teams to deploy security measures and prepare incident response strategies.
• Act as a key liaison between executive leadership and technical teams communicating security status and initiatives effectively.

• Direct global cybersecurity initiatives from planning through deployment aligning with organizational priorities schedules and budget constraints.
• Develop detailed project plans define scopes assign resources and manage risks and issues throughout the project lifecycle.
• Coordinate efforts among cross-functional teams external vendors and stakeholders to achieve successful project delivery.
• Provide regular status reports to senior leadership highlighting project progress potential risks and outcomes.
• Utilize project management methodologies such as Agile Waterfall or hybrid models to optimize execution and continuous improvement.

Required Experience:

Manager