Sr. Manager, IT Security

About The Position

Requirements

• 8+ years of experience in IT Security or Cybersecurity with at least 2-years in a leadership capacity
• Bachelor's degree in Information Technology, Cybersecurity, or related field (or equivalent professional experience)
• Strong knowledge of cybersecurity frameworks, threat intelligence, and risk management
• Experience with cloud security (e.g., AWS, Azure), network security, and identity and access management solutions
• Proven ability to manage third-party SOC relationships and implement security recommendations
• Strong understanding of network, system, and application security principles
• Proficient in security monitoring, threat detection, incident response, and risk assessment tools
• Knowledge of data privacy laws, compliance frameworks, and cybersecurity standards
• Ability to operte both strategically and hands-on in a fast-paced environment
• Excellent analytical, problem-solving, and organizational skills
• Strong verbal and written communication skills

Nice To Haves

• Experience with Trend Antivirus a plus
• Experience with Arctic Wolf a plus
• Experience with KnowBe4 a plus
• Knowledge of CMMC certification process a plus

Responsibilities

• Defining and executing the IT Security strategy
• Managing the company's online security awareness program
• Ensuring compliance with applicable standards
• Maintaining the confidentiality, integrity, and availability of company systems and data
• Leading risk management efforts, including penetration testing, remediation, and incident response planning
• Managing the relationship with PPC's third-party Security Operations Center (SOC) provider to research and implement recommendations to strengthen PPC's overall security posture, practices and responsiveness to threats
• Developing and overseeing a comprehensive security strategy that integrates cybersecurity and risk management programs while ensuring alignment with business objectives and regulatory requirements
• Managing and maturing the organization's cybersecurity posture, including endpoint, network, and cloud security
• Administering and optimizing security technologies including Microsoft Defender for Endpoint / Defender for Cloud, Azure Security Center, Okta / Azure AD for Identity & Access Management, etc.
• Leading the development and execution of the security awareness program to promote a security culture
• Providing leadership to ensure the confidentiality, integrity, and availability of company systems and data
• Conducting routine penetration testing and security audits, coordinating timely remediation and mitigation of identified vulnerabilities
• Ensuring adherence to cybersecurity frameworks and standards (e.g., NIST, CMMC, etc.) to maintain regulatory compliance
• Overseeing incident response planning and execution, including investigations, documentation, and corrective actions
• Performing risk assessments and vulnerability analyses to proactively identify threats
• Providing executive reporting on risk posture, audit findings, and key security metrics
• Managing relationships with third-party Security Operations Center (SOC) providers ensuring alignment with organizational cybersecurity goals
• Implementing SOC recommendations to enhance threat detection, response capabilities, and overall security posture
• Overseeing monitoring and detection systems to ensure timely identification and response to security threats
• Pre-planning and identifying the methods to eliminate hazards daily by work task
• Executing skill in observing habits and hazards of others and bringing it to their attention
• Upholding safety as the most important goal of our company. Support goal of achieving zero accidents
• Promoting and encouraging open communication between field and office regarding all safety concerns, suggestions, improvements, and PPE needed
• Obtaining safety training as expected by all company personnel