Cyber Defense Manager

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field is required
• Minimum 5 years of related cybersecurity experience in a similar consulting practice or function
• CISSP, CISM, GIAC (e.g., GSEC, GCIH, GISP, etc.), cloud security (e.g., AZ-500, AWS Certified Security, Google Cloud Professional Architect / Security Engineer) or other related certifications required
• Strong command of MITRE ATT&CK and adversary tradecraft, with the ability to translate behaviors into actionable detections and safeguards.
• Deep experience with network defense, system hardening, logging pipelines, and security control implementation
• Proven ability to articulate complex defensive issues to both technical and non-technical audiences with clarity and precision
• Strong project management skills and the ability to manage multiple engagements and competing priorities in a rapidly growing, fast-paced, interactive, results-based team environment.
• Exceptional client service and communication skills, with a demonstrated ability to develop and maintain outstanding client relationships
• Strong professional verbal and written skill
• Leading and managing one or more of the overarching areas below:
• Assessing cybersecurity programs and capabilities against industry leading frameworks (e.g., NIST CSF, CRI Profile) and compliance and regulatory requirements.
• Working knowledge of cybersecurity industry leading practices and frameworks, such as NIST CSF, CRI Profile, ISO 27001/2, NYS DFS 500, PCI-DSS, CIS Controls, CIS Benchmarks.
• Excellent analytical, organizational and project management skills
• Can travel as needed

Responsibilities

• Lead cyber defense engagements focused on adversary behaviors, detection coverage, and safeguard effectiveness across complex enterprise environments.
• Apply expert knowledge of MITRE ATT&CK to map threat scenarios, identify defensive gaps, and design measurable, threat-informed detection strategies.
• Engineer, tune, and validate detections across SIEM, EDR, NDR, and log-centric platforms to ensure high-fidelity coverage against real-world TTPs.
• Assess and strengthen network and system safeguards, including segmentation, hardening, logging architectures, and control configurations.
• Conduct threat-informed assessments, purple team exercises, and defensive readiness evaluations.
• Communicate defensive findings, tradeoffs, and recommendations clearly to both technical teams and executive stakeholders.
• Guide clients through building resilient defense programs, including detection maturity, operational readiness, and continuous improvement.
• Mentor analysts and contribute to the development of detection playbooks, methodologies, and defensive frameworks.
• Develop and manage client relationships with the intention to exceed client expectations.
• Adhere to the highest degree of professional standards and strict client confidentiality.
• Participate in professional development activities and training sessions on regular basis.
• Other duties as assigned.