Cybersecurity Senior Manager

Our client is seeking a Cybersecurity Senior Manager Full Time Direct Hire (Not A Contract) United States - Illinois - Green Oaks United States - Illinois - Waukegan JOB DESCRIPTION: Our location in Waukegan, IL currently has an opportunity for a Cybersecurity Sr Manager. WHAT YOU'LL DO Oversee Technology Vendor Risk Management (TVRM) program, governance initiatives and operations. Ensure appropriate leveraging of security technologies and controls to protect the organization's systems and information and enable achievement of the organization's business objectives. Manage and design innovative integration of cybersecurity toolsets to enable more automated discovery, remediation, and alerting of people, process, and technology vulnerabilities, as a means of improving the security posture. Manage the development of vendor cybersecurity policy and standards. Assess and enforce security compliance of our organization technology and vendors. We need a senior leader for vendor risk assessment, control assessment and remediation planning. Job Responsibilities:

• Reports to the Director of Cybersecurity. The scope of this position is organization wide and considers the information security implications unique to all the organization divisions and regions when developing governance and risk management strategies.
• May have direct budget responsibility.
• Lead a risk-based cyber security program which meets regulatory requirements and aligns with industry leading information security practices.
• Lead threat identification and mitigation activities using industry leading security controls and tools sets.
• Advance the Company's cyber threat and vulnerability management program to ensure consistent identification, analysis, response, and monitoring of cyber security threats, events, and vulnerabilities.
• Assess threats to the business including third-party risks and deploy countermeasures for those threats.
• Collaborate with business units, application development teams, and third-party vendors to achieve program requirements while enabling the business.
• Apply technical knowledge to protect the Company against cyber threats (e.g., knowledge of firewalls, intrusion detection and prevention systems, data loss prevention solutions, endpoint protections, log aggregation technology and other leading-edge security technologies).
• Facilitate cross team coordination to achieve defined security goals as well as meet technical requirements in support of detailed implementation plans for security projects.
• Lead security projects to ensure the timely, on budget, and effective implementation of cyber security improvements that are operationally supported with validation methods in place to measure effectiveness.
• Direct assessment of cyber security incidents to identify the root cause, respond, and recover the environment.
• Establish strategies, policy and standards to protect company information and technology assets.
• Manage capital and operational expense budgets to ensure accurate forecasting and administration.
• Develop and execute strategies which develop individual team member skills and abilities.

• Bachelor's degree or higher in Information Security, Risk or IT Management, Computer Science, or related field; or equivalent experience
• 5 to 7 years IT security and/or risk management experience is required.
• 10+ years of general IT experience is required
• Experience with Vendor Risk Management
• Experience/Maturity with standing up a VRM organization

• Master degree
• Possess CISSP/CISM certification (or similar) and/or be knowledgeable of national and international regulatory compliances and frameworks such as ISO, SOX, BASEL II, EU DPD, HIPAA, and PCI DSS.
• Experience with implementation and operational use of GRC toolsets (Governance Risk and Compliance).
• Requires strong analytical skills, business intelligence, effective communication, interpersonal skills, organizational intelligence, relationship management, the ability to make meaningful decisions based on sound judgement, and the ability to work effectively with a variety of roles from Executive Management to Security Analysts.