Manager, Cyber Security

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Security, or a related field (required; equivalent experience is not a substitute at this level).
• 6+ years of progressive information security experience, including security architecture, vulnerability management, and security operations.
• 6+ years managing a security function, including direct reports and vendor/partner relationships.
• Hands-on proficiency with enterprise security toolsets: Wiz.io, CrowdStrike, Tenable, and SumoLogic (or best-of-breed equivalents with demonstrated ability to onboard quickly).
• Proven track record building and managing a security KPI/KRI program — ability to define metrics, build dashboards, and drive cross-functional accountability to data.
• Some experience with SOC 2 Type II, PCI DSS 4.0, and NIST frameworks in a multi-entity or multi-BU environment.
• Experience managing a 24x7 SOC (internal or MSSP), including SLA governance and incident escalation.
• Strong cloud security expertise in AWS; familiarity with cloud-native security controls and CSPM tooling.
• Active CISSP or CISM certification (both strongly preferred).
• Executive-level communication skills with ability to translate technical risk into business language for CIO and senior leadership audiences.

Nice To Haves

• Active CISSP or CISM certification (both strongly preferred).

Responsibilities

• Own and drive the enterprise security strategy and multi-year roadmap, translating risk posture into actionable initiatives aligned with CAMP’s business objectives.
• Present security program status, risk, and investment ROI to the CIO and serve as a credible security voice at the executive level.
• Lead security architecture decisions across cloud (AWS), SaaS, on-premises, AI environments and hybrid environments spanning multiple business units.
• Drive Zero Trust implementation, application security maturity (SAST/DAST), and AI security preparedness enterprise-wide.
• Define, own, and report on a comprehensive security KPI/KRI dashboard for vulnerability programs and other security initiatives.
• Hold the program accountable to delivery timelines; proactively surface and remediate project risk before issues become overdue.
• Manage a teams that operates and optimize CAMP’s core security toolstack with hands-on proficiency (io, CrowdStrike, Tenable, SumoLogic, AutoMox, Invicti).
• Manage the SOC partnership: SLA governance, escalation protocols, and ongoing service maturation across all BUs.
• Lead vulnerability management end-to-end: identification, prioritization, SLA enforcement and executive reporting.
• Direct incident response as incident commander; maintain, test, and continuously improve the IR plan.
• Partner with GRC on policy enforcement, audit evidence, and enterprise risk management.
• Serve as the primary security contact for customer security reviews, contract negotiations, and third-party assessments.
• Familiarity with AI security risk and securing AI-enabled enterprise applications.
• Lead, mentor, and develop a team of security engineers across Infrastructure and Application Security.
• Foster a culture of technical rigor, accountability, and continuous improvement.

Benefits

• CAMP is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities.