Manager, Cyber Security
Indianapolis, IN - USA
Job Summary
Location: 100% remote must live in Central or Eastern Region
Salary Range: $150000 - $165000
Company Overview
Performing over 80 million locates annually USIC is the most trusted name in underground utility damage prevention. USIC also provides a full suite of utility services throughout North America. Our Mission: to deliver quality efficient safe and innovative solutions to protect our partners infrastructure and critical assets. Our Culture is known as Living the SAFE-LIFE: Protecting Infrastructure Protecting Our Communities Protecting Ourselves.
Summary
The Cybersecurity Manager is a senior role responsible for leading maturing and hands-on execution of the organizations information security program. Operating across a large enterprise environment of employees in a hybrid cloud/on-premise landscape this individual will serve as both a strategic program leader and a working technical practitioner. With one direct report the Cybersecurity Manager must be capable of operating independently driving security initiatives end-to-end and building a scalable security function aligned to industry best practices including NIST CSF CIS Controls and ISO 27001.
Responsibilities
- Own and mature the organizations information security program and policy framework
- Lead risk assessments and maintain the enterprise risk register with remediation tracking
- Develop and enforce security policies standards and procedures aligned to NIST CSF and CIS Controls
- Report security posture risk trends and program metrics to senior leadership and stakeholders
- Manage internal and external audit engagements related to cybersecurity
- Oversee day-to-day security monitoring across SIEM EDR and network detection tooling
- Define detection and alerting strategies; tune rules to reduce false positives
- Review and triage escalated alerts; serve as a hands-on analyst when needed
- Maintain and improve SOC playbooks runbooks and escalation procedures
- Serve as the Incident Response lead for all cybersecurity events and breaches
- Develop maintain and exercise the Incident Response Plan (IRP) and associated playbooks
- Coordinate cross-functional response with IT Legal HR and Executive leadership
- Conduct post-incident reviews and drive remediation of identified gaps
- Oversee security architecture reviews for on-premise and cloud environments (AWS Azure or GCP)
- Ensure security-by-design principles are applied to infrastructure changes and new deployments
- Manage vulnerability management program including scanning prioritization and remediation tracking
- Partner with IT and DevOps teams to embed security controls into the SDLC and cloud pipelines
- Govern IAM strategy including role-based access control (RBAC) least privilege and access reviews
- Oversee MFA SSO and privileged access management (PAM) implementations
- Conduct and manage periodic user access certifications across enterprise systems
- Partner with HR and IT on joiner/mover/leaver lifecycle processes
- Manage and mentor one direct report (Cybersecurity Analyst / Engineer)
- Define team priorities manage workload distribution and conduct performance reviews
- Build and maintain a multi-year cybersecurity roadmap aligned to organizational risk appetite
- Manage security tool stack vendor relationships and departmental budget
Requirements
- 7 years of experience in cybersecurity with at least 2 years in a lead or management capacity
- Demonstrated hands-on experience across two or more security domains (GRC SOC IR Cloud Security IAM TPRM)
- Proficiency with SIEM platforms (e.g. Splunk Microsoft Sentinel QRadar)
- Experience with vulnerability management tools (e.g. Tenable Qualys Rapid7)
- Working knowledge of cloud security in AWS Azure or GCP hybrid environments
- Strong understanding of security frameworks: NIST CSF CIS Controls ISO 27001
- Proven ability to lead incident response engagements end-to-end
- Excellent written and verbal communication skills; ability to present to executive stakeholders
- CISSP CISM CISA or equivalent industry certification preferred
- Experience building or significantly maturing a security program
- Familiarity with GRC platforms (e.g. ServiceNow GRC Archer OneTrust)
- Experience with PAM tooling (e.g. CyberArk BeyondTrust)
- Background in a large enterprise environment (2500 employees)
We are an Equal Opportunity Employer. Veterans are encouraged to apply.
Required Experience:
Manager
About Company
USIC is North America’s largest provider of underground utility damage prevention services, performing more than 80 million locates each year, and an emerging leader in advanced utility services and solutions. We are committed to providing the highest quality services, and safety is a ... View more