Senior Cybersecurity Manager

Location - 100% remote, must live in Central or Eastern time zone

Position Summary

The Cybersecurity Manager is a senior role responsible for leading, maturing, and hands-on execution of the organization’s information security program. Operating across a large enterprise environment of 2,500–10,000 employees in a hybrid cloud/on-premise landscape, this individual will serve as both a strategic program leader and a working technical practitioner. With one direct report, the Cybersecurity Manager must be capable of operating independently, driving security initiatives end-to-end, and building a scalable security function aligned to industry best practices including NIST CSF, CIS Controls, and ISO 27001.

Key Responsibilities

Governance, Risk & Compliance (GRC)

• Own and mature the organization’s information security program and policy framework
• Lead risk assessments and maintain the enterprise risk register with remediation tracking
• Develop and enforce security policies, standards, and procedures aligned to NIST CSF and CIS Controls
• Report security posture, risk trends, and program metrics to senior leadership and stakeholders
• Manage internal and external audit engagements related to cybersecurity

Security Operations (SOC)

• Oversee day-to-day security monitoring across SIEM, EDR, and network detection tooling
• Define detection and alerting strategies; tune rules to reduce false positives
• Review and triage escalated alerts; serve as a hands-on analyst when needed
• Maintain and improve SOC playbooks, runbooks, and escalation procedures

Incident Response

• Serve as the Incident Response lead for all cybersecurity events and breaches

Interested in remote work opportunities in Cyber Security? Discover Cyber Security Remote Jobs featuring exclusive positions from top companies that offer flexible work arrangements.

• Develop, maintain, and exercise the Incident Response Plan (IRP) and associated playbooks
• Coordinate cross-functional response with IT, Legal, HR, and Executive leadership
• Conduct post-incident reviews and drive remediation of identified gaps

Infrastructure & Cloud Security

• Oversee security architecture reviews for on-premise and cloud environments (AWS, Azure, or GCP)
• Ensure security-by-design principles are applied to infrastructure changes and new deployments
• Manage vulnerability management program including scanning, prioritization, and remediation tracking
• Partner with IT and DevOps teams to embed security controls into the SDLC and cloud pipelines

Identity & Access Management (IAM)

• Govern IAM strategy including role-based access control (RBAC), least privilege, and access reviews
• Oversee MFA, SSO, and privileged access management (PAM) implementations
• Conduct and manage periodic user access certifications across enterprise systems
• Partner with HR and IT on joiner/mover/leaver lifecycle processes

People & Program Leadership

• Manage and mentor one direct report (Cybersecurity Analyst / Engineer)
• Define team priorities, manage workload distribution, and conduct performance reviews

Browse our curated collection of remote jobs across all categories and industries, featuring positions from top companies worldwide.

• Build and maintain a multi-year cybersecurity roadmap aligned to organizational risk appetite
• Manage security tool stack, vendor relationships, and departmental budget

Required Qualifications

• 7+ years of experience in cybersecurity, with at least 2 years in a lead or management capacity
• Demonstrated hands-on experience across two or more security domains (GRC, SOC, IR, Cloud Security, IAM, TPRM)
• Proficiency with SIEM platforms (e.g., Splunk, Microsoft Sentinel, QRadar)
• Experience with vulnerability management tools (e.g., Tenable, Qualys, Rapid7)
• Working knowledge of cloud security in AWS, Azure, or GCP hybrid environments
• Strong understanding of security frameworks: NIST CSF, CIS Controls, ISO 27001
• Proven ability to lead incident response engagements end-to-end
• Excellent written and verbal communication skills; ability to present to executive stakeholders

Preferred Qualifications

• CISSP, CISM, CISA, or equivalent industry certification
• Experience building or significantly maturing a security program
• Familiarity with GRC platforms (e.g., ServiceNow GRC, Archer, OneTrust)
• Experience with PAM tooling (e.g., CyberArk, BeyondTrust)
• Background in a large enterprise environment (2,500+ employees)

We are an Equal Opportunity Employer. Veterans are encouraged to apply.