What You Will Experience In This Role: The Manager of Cyber Security is a direct report to the CIO and owns CAMP's enterprise security program across all business units. This is a strategic leadership role that demands equal command of security architecture, hands-on toolset expertise, data-driven program management, and executive communication. The successful candidate provides strategic input, builds and defends a mature, measurable security posture not just responds to incidents. Responsibilities require hands-on expertise, leadership, and change management experience, as well as deep security expertise and KPI reporting to ensure effective integration into businesses.
Strategic Security Leadership:- Own and drive the enterprise security strategy and multi-year roadmap, translating risk posture into actionable initiatives aligned with CAMP's business objectives.
- Present security program status, risk, and investment ROI to the CIO and serve as a credible security voice at the executive level.
- Lead security architecture decisions across cloud (AWS), SaaS, on-premises, AI environments and hybrid environments spanning multiple business units.
- Drive Zero Trust implementation, application security maturity (SAST/DAST), and AI security preparedness enterprise-wide.
Metrics & Program Management:- Define, own, and report on a comprehensive security KPI/KRI dashboard for vulnerability programs and other security initiatives
- Hold the program accountable to delivery timelines; proactively surface and remediate project risk before issues become overdue.
Security Operations & Toolset Ownership:- Be able to manage a teams that operates and optimize CAMP's core security toolstack with hands-on proficiency (io, CrowdStrike, Tenable, SumoLogic, AutoMox, Invicti)
- Manage the SOC partnership: SLA governance, escalation protocols, and ongoing service maturation across all BUs.
- Lead vulnerability management end-to-end: identification, prioritization, SLA enforcement and executive reporting.
- Direct incident response as incident commander; maintain, test, and continuously improve the IR plan.
- Partner with GRC on policy enforcement, audit evidence, and enterprise risk management.
- Serve as the primary security contact for customer security reviews, contract negotiations, and third-party assessments.
- Familiarity with AI security risk and securing AI-enabled enterprise applications.
Team Leadership:- Lead, mentor, and develop a team of security engineers across Infrastructure and Application Security.
- Foster a culture of technical rigor, accountability, and continuous improvement.
You have:• Bachelor's degree in Computer Science, Information Security, or a related field (required; equivalent experience is not a substitute at this level).
• 6+ years of progressive information security experience, including security architecture, vulnerability management, and security operations.
• 6+ years managing a security function, including direct reports and vendor/partner relationships.
• Hands-on proficiency with enterprise security toolsets: Wiz.io, CrowdStrike, Tenable, and SumoLogic (or best-of-breed equivalents with demonstrated ability to onboard quickly).
• Proven track record building and managing a security KPI/KRI program - ability to define metrics, build dashboards, and drive cross-functional accountability to data.
• Some experience with SOC 2 Type II, PCI DSS 4.0, and NIST frameworks in a multi-entity or multi-BU environment.
• Experience managing a 24x7 SOC (internal or MSSP), including SLA governance and incident escalation.
• Strong cloud security expertise in AWS; familiarity with cloud-native security controls and CSPM tooling.
• Active CISSP or CISM certification (both strongly preferred).
• Executive-level communication skills with ability to translate technical risk into business language for CIO and senior leadership audiences.
Salary Range: $175,000 - $190,000 DOE (Depending on experience)Why Work at CAMP?Join a culture where your ideas matter, your impact is real, and your growth is supported. Be part of a team reimagining the future of aviation.
