Headquarters: Cedar Rapids, IA
Position Location: Cedar Rapids, IA; Fort Wayne, IN or Amherst, NY
The RoleThe Manager - Cyber Security Services defines and manages the organization's IT security program in collaboration with IT and business stakeholders. This role leads the information security team, oversees the development and implementation of security policies, and ensures companywide protection through audits, incident response, and employee training.
Schedule: Monday - Friday
Travel: Minimal to other sites as needed.
Compensation: $99,750 - $150,000 is the full starting salary range (Pay Bi-Weekly) This pay scale represents a good faith estimate of the salary/hourly wage range the company reasonably expects to pay upon hire for this position: A final offer amount will depend on factors such as prior relevant experience, skills, and location
Benefits: Comprehensive package including medical, dental, and vision coverage; prescription drug and telemedicine services; company-paid life and disability insurance; retirement savings with company match; paid time off, holidays, and parental leave; plus additional voluntary benefits and employee discounts.
ESSENTIAL DUTIES AND RESPONSIBILITIES:- IT Security Program Leadership: Works with IT and business stakeholders to define and evolve an effective IT security program
- Information Security Team Management: Manages the information security team and partners with IT leaders to implement all elements of the security program, including risk management, vulnerability scanning and patching, data classification, change control, SIEM processes, and security documentation and policies
- Security Standards Development: Creates and maintains information security standards based on industry best practices
- Technical Security Expertise: Provides information security expertise in the technical design of data networks and infrastructure software
- Secure Application Development Support: Offers information security guidance and instruction to software application developers
- Policy and Procedure Governance: Establishes companywide information security policies and procedures
- Security Audits and Testing Oversight: Manages security audits, threat assessments, and security testing activities
- Incident Response Leadership: Leads the response to network and software system security incidents
- Security Awareness and Training: Develops and manages companywide employee security awareness training
- Architecture Review Participation: Contributes to infrastructure and application architecture reviews
- Additional Responsibilities: Performs other duties as assigned
- Attendance and Reliability: Maintains regular and reliable attendance
REQUIREMENTS:- Education: 4-year degree or combination of experience and education
- Experience: 5 years cyber security experience with a portion in leadership
- Knowledge: Familiar with NIST and CIS frameworks. Utilizing tools that align with vulnerability management, GRC, and risk management.
- Skills: Very personable and able to communicate well. Report writing and dashboard creation skills to articulate the cyber security program
PREFERRED QUALIFICATIONS:- CISSP or CISM
- Microsoft Cyber Security Architect Certification
- 5 years of experience leading a cyber security program
- Governance, Risk and Compliance experience.
CRST CORE VALUE:Safety at the Core of All We Do - Integrity in Every Decision and Action - Commitment to the Success of Employees, Customers, Agents, Contractors, and Communities
