Your tree & greenery experts.
Manager – Cybersecurity & Risk
Location
United States
Posted
9 days ago
Salary
$125K - $150K / year
Seniority
Senior
Job Description
Manager – Cybersecurity & Risk
SavATree
• Serve as the enterprise cybersecurity lead responsible for cybersecurity operations and risk management across infrastructure, endpoints, identity, cloud, applications, data, and third-party environments. • Partner closely with Infrastructure & Operations to strengthen endpoint security, vulnerability management, patching, identity and access management, logging, monitoring, and incident detection and response capabilities. • Provide technical cybersecurity leadership across Microsoft, cloud, SaaS, and enterprise platforms to improve overall security posture. • Partner with enterprise application teams to ensure secure architecture, integrations, and data practices across core business platforms, including Microsoft technologies and enterprise applications. • Lead cybersecurity incident response coordination, tabletop exercises, root cause analysis, and remediation planning. • Evaluate emerging threats and recommend pragmatic, risk-based mitigation strategies aligned to business priorities. • Monitor and assess cybersecurity posture across internal and third-party environments. • Help define and mature enterprise cybersecurity capabilities, operating processes, and governance appropriate for a growing organization. • Develop and maintain cybersecurity policies, standards, procedures, and best practices. • Build and maintain a practical cybersecurity roadmap focused on risk reduction, resiliency, and operational effectiveness. • Establish cybersecurity metrics, scorecards, and reporting for IT leadership and executive stakeholders. • Conduct risk assessments and partner with teams to prioritize remediation activities. • Support security awareness and training initiatives. • Support enterprise cybersecurity governance practices, including access controls, vendor risk management, data protection, and security awareness. • Partner with stakeholders on cybersecurity-related audits, customer questionnaires, cyber insurance requirements, and compliance activities. • Help mature incident response, disaster recovery, and business continuity capabilities. • Establish practical, scalable controls appropriate for a fast-paced, growth-oriented organization. • Drive accountability, service quality, and measurable outcomes across third-party providers. • Evaluate cybersecurity tools and recommend solutions aligned to business needs and organizational maturity. • Establish a strong cybersecurity operating foundation and improve organizational resiliency through pragmatic controls and risk reduction.
Job Requirements
- 7+ years of progressive cybersecurity experience with increasing responsibility.
- Experience operating as a senior cybersecurity individual contributor or technical leader in a mid-sized enterprise environment.
- Strong technical understanding across IAM, EDR, vulnerability management, SIEM, Microsoft Security, Azure security, infrastructure/network security, incident response, and security architecture.
- Experience developing cybersecurity policies, standards, and procedures.
- Experience managing third-party cybersecurity vendors and managed service providers.
- Strong communication skills with the ability to explain technical risks in business-friendly language.
- Experience in private equity-backed, multi-site, field-service, or distributed operations environments.
- Experience supporting geographically dispersed or branch-based organizations.
- Experience with Microsoft technologies including Azure, Microsoft 365, Defender, Intune, and Entra ID.
- Relevant certifications such as CISSP, CISM, Security+, Azure Security Engineer, or similar.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
• Administer and optimize the DSPM platform (Cyera); drive data discovery, classification, and risk prioritization across cloud and on-premises environments. • Administer and operate the DLP platform (Proofpoint); create, tune, and maintain policies to prevent unauthorized data movement. • Investigate and respond to DLP incidents; work with information owners and business stakeholders to resolve and remediate. • Collaborate with Security Analysts to correlate data security findings with broader security investigations and incidents. • Design and implement a data classification schema and labeling program. • Define and maintain data security policies and procedures. • Build metrics and reporting to communicate program health and risk reduction to leadership. • Partner with legal, compliance, and IT teams to align data security controls with business requirements. • Support audits and regulatory requirements related to data protection. • Contribute to disaster recovery planning and exercises with technology teams.
Information Security Incident Specialist, Fluent Ukrainian
SupportYourAppSupportYourApp is an industry leader in premium outsourced customer support that provides tech companies with reliable, cost-effective services. A multinational
• Manage security and operational incidents end-to-end, including investigation, coordination, and response; • Communicate directly with Clients and stakeholders during Data Breach incidents; • Conduct Root Cause Analysis, develop preventive measures, and prepare management reports; • Analyze Clients’ workflows and incident trends to identify risks and improve security processes; • Assess the security of software, platforms, and third-party vendors; • Review new hiring locations for compliance with data protection and security standards; • Develop incident response procedures and maintain internal security documentation and knowledge base.
• Assess security configurations across Windows Server, Linux, networking, Azure and Microsoft 365 against recognised best practice standards • Develop and implement remediation plans to address identified security weaknesses across the infrastructure estate • Resolve permission and ACL issues, including file and folder access concerns, without impacting service availability • Improve Azure and Microsoft 365 security posture, including remediation of findings raised by Microsoft security tooling and maintaining Microsoft Secure Score • Strengthen identity, ransomware resilience and end-user security controls across the wider technology estate • Review and uplift data protection measures, including DLP configurations and broader data loss prevention controls • Create and maintain process documentation as controls, processes and operating practices mature
• Architect and implement defensive security controls for cloud, production, and corporate environments • Support the deployment, configuration, and maintenance of network security tools • Build systems to support automation, visibility, and threat detection for efforts across various information security and infrastructure teams • Independently drive network security initiatives and foster a security-first mindset across the organization • Work closely with Network, Infrastructure, and other partner teams to review designs and use-cases, ensuring our networks are secure by design
