Cybersecurity Manager

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Information Technology, or related field (Master’s preferred).
• Advanced cybersecurity certification such as CISSP, CISM, or equivalent.
• Minimum 7+ years in cybersecurity roles, with at least 3 years in a managerial capacity.
• Proven experience with NERC CIP compliance in the energy sector.
• Strong understanding of risk management frameworks (e.g., NIST, ISO 27001, SOC2).
• Excellent leadership and communication skills.
• Ability to manage multiple priorities in a fast-paced environment.
• Strong analytical and problem-solving abilities.

Nice To Haves

• Experience in battery energy storage or renewable energy industry.
• Familiarity with OT/ICS security and critical infrastructure protection

Responsibilities

• Develop, implement, and maintain enterprisewide cybersecurity policies, standards, and procedures.
• Oversee risk assessments and vulnerability management programs.
• Monitor and report on cybersecurity performance metrics and compliance status.
• Maintain relationships with relevant product and engineering teams, providing expert advice and guidance on cybersecurity topics.
• Ensure adherence and monitoring of processes related to NERC CIP standards and other applicable regulations as required by customer contracts.
• Prepare for and lead internal and external audits related to cybersecurity compliance.
• Maintain documentation and evidence for compliance reporting.
• Manage the organization’s ISO 27001 and SOC2 certifications, including ownership of the audit processes, non-conformance follow ups, and policy updates to ensure compliance.
• Review and interpret cybersecurity requirements in customer contracts.
• Collaborate with legal and commercial teams to ensure contractual obligations are met.
• Develop and maintain incident response plans.
• Lead investigations and remediation efforts for security incidents.
• Conduct root cause analysis and implement preventive measures.
• Design and deliver cybersecurity awareness programs for employees.
• Design and execute tabletop exercises to test policies and procedures.
• Provide specialized training for teams handling critical infrastructure.
• Identify emerging threats and recommend proactive security measures.
• Evaluate and implement new technologies and leading practices to strengthen security posture.
• Work closely with IT, Operations, Product, Engineering, Legal and Compliance teams to align cybersecurity initiatives with business objectives.
• Manage relationships with external vendors and service providers.