Cybersecurity & Privacy Manager

Diversified USAPortland, ME
Hybrid

About The Position

As our Cybersecurity and Privacy Manager, you'll own the strategy and day-to-day execution of the information security and data privacy program that protects a global portfolio of live events and media brands. You'll work closely with the VP of Technology & Security and collaborate across IT, legal, and business teams, giving you both the executive visibility and the cross-functional reach to drive real impact. This is a rare opportunity to lead with both technical depth and human-centered purpose at a company where your work directly safeguards the communities we serve.

Requirements

  • 5+ years of progressive information security or cybersecurity experience, including at least 2 years in a supervisory or leadership role, with a track record of building and maturing security programs.
  • Advanced knowledge of Microsoft Azure and Microsoft 365, identity and access management, network security principles, SIEM, IDS/IPS, endpoint protection, and vulnerability assessment and penetration testing tools.
  • Familiarity with multi-cloud environments, Cloud Security Posture Management (CSPM) tools, DevSecOps practices, secure SDLC principles, and AI/ML security concepts including prompt injection risks.
  • Intermediate-to-advanced understanding of privacy legislation and regulatory frameworks — including GDPR, HIPAA, and state privacy laws — with experience evaluating vendor contracts and managing data subject requests.
  • Familiarity with one or more frameworks like NIST CSF, ISO 27001, and CIS Controls.
  • Strong written and verbal communication skills, with a proven ability to translate complex security topics for non-technical audiences and present confidently to senior leadership.
  • Sound analytical and problem-solving instincts, the ability to manage competing priorities, and the discretion to handle sensitive issues with appropriate care.

Nice To Haves

  • Certifications such as CISSP, CISM, CIPP, or CRISC are preferred

Responsibilities

  • Develop and manage the enterprise information security strategy, framework, and roadmap — including controls, policies, standards, and procedures across on-premises, cloud, and hybrid environments.
  • Lead incident response efforts and keep disaster recovery and business continuity plans current; coordinate with third-party vendors, forensic investigators, and internal stakeholders when it matters most.
  • Oversee vulnerability assessments, penetration testing, risk assessments, and security audits; monitor the evolving threat landscape and present regular program efficacy reports to senior leadership.
  • Build and maintain the organization's privacy controls, policies, and procedures; manage data subject access requests and privacy incidents; and stay ahead of changes in regulations like GDPR, HIPAA, and applicable state privacy laws.
  • Manage relationships with security and privacy vendors, negotiate contracts and SLAs, and steward the program budget — identifying cost-saving opportunities without compromising protection.
  • Oversee and optimize the security technology stack, including firewalls, IDS/IPS, SIEM, and endpoint protection platforms.
  • Directly manage and mentor the IT Security and Privacy Analyst, set clear objectives, support professional development, and build security awareness training programs that resonate with employees across the organization.

Benefits

  • Generous paid time off programs including vacation, sick leave and paid family and medical leave.
  • Training conferences
  • Professional development seminars
  • LinkedIn Learning for all staff
  • Comprehensive Healthcare
  • No-cost-to-you services.
  • Free access to all employees and their families to a national network of licensed clinical psychologists, interactive self-paced programs, life coaches and 24/7 support.
  • Wellness Program which supports physical, mental, and emotional well-being through offering fitness challenges, webinars, and nutrition education.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service