Manager, Cyber Security

USIC

Indianapolis, Indiana(remote)

JOB DETAILS
SKILLS
Access Control, Amazon Web Services (AWS), Analysis Skills, Best Practices, Budgeting, CISA - Certified Information Systems Auditor, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Cloud Computing, Communication Skills, Computer Security, Cross-Functional, DevOps, Distribution Management, Establish Priorities, External Audit, GCP (Good Clinical Practices), Hybrid Cloud, IR (Infrared), ISO (International Organization for Standardization), Incident Management, Incident Response, Information/Data Security (InfoSec), Internal Audit, Internet Security, Leadership, Legal, Machine Tool, Mentoring, Metrics, Microsoft Product Family, Microsoft Windows Azure, Performance Reviews, Presentation/Verbal Skills, Risk, Risk Analysis, Scalable System Development, Security Architecture, Security Information and Event Management (SIEM), Security Monitoring, Security Policy, ServiceNow, Single Sign-On (SSO), Software Development Lifecycle (SDLC), Splunk, Trend Analysis, U.S. National Institute of Standards and Technology (NIST), Vendor/Supplier Relations, Writing Skills
LOCATION
Indianapolis, Indiana
POSTED
5 days ago
Job Description:

Location: 100% remote, must live in Central or Eastern Region

Salary Range: $150,000 - $165,000

Company Overview

Performing over 80 million locates annually, USIC is the most trusted name in underground utility damage prevention. USIC also provides a full suite of utility services throughout North America. Our Mission: to deliver quality, efficient, safe, and innovative solutions to protect our partners’ infrastructure and critical assets. Our Culture is known as Living the SAFE-LIFE: Protecting Infrastructure, Protecting Our Communities, Protecting Ourselves.

Summary

The Cybersecurity Manager is a senior role responsible for leading, maturing, and hands-on execution of the organization’s information security program. Operating across a large enterprise environment of 2,500–10,000 employees in a hybrid cloud/on-premise landscape, this individual will serve as both a strategic program leader and a working technical practitioner. With one direct report, the Cybersecurity Manager must be capable of operating independently, driving security initiatives end-to-end, and building a scalable security function aligned to industry best practices including NIST CSF, CIS Controls, and ISO 27001.

Responsibilities

  • Own and mature the organization’s information security program and policy framework
  • Lead risk assessments and maintain the enterprise risk register with remediation tracking
  • Develop and enforce security policies, standards, and procedures aligned to NIST CSF and CIS Controls
  • Report security posture, risk trends, and program metrics to senior leadership and stakeholders
  • Manage internal and external audit engagements related to cybersecurity
  • Oversee day-to-day security monitoring across SIEM, EDR, and network detection tooling
  • Define detection and alerting strategies; tune rules to reduce false positives
  • Review and triage escalated alerts; serve as a hands-on analyst when needed
  • Maintain and improve SOC playbooks, runbooks, and escalation procedures
  • Serve as the Incident Response lead for all cybersecurity events and breaches
  • Develop, maintain, and exercise the Incident Response Plan (IRP) and associated playbooks
  • Coordinate cross-functional response with IT, Legal, HR, and Executive leadership
  • Conduct post-incident reviews and drive remediation of identified gaps
  • Oversee security architecture reviews for on-premise and cloud environments (AWS, Azure, or GCP)
  • Ensure security-by-design principles are applied to infrastructure changes and new deployments
  • Manage vulnerability management program including scanning, prioritization, and remediation tracking
  • Partner with IT and DevOps teams to embed security controls into the SDLC and cloud pipelines
  • Govern IAM strategy including role-based access control (RBAC), least privilege, and access reviews
  • Oversee MFA, SSO, and privileged access management (PAM) implementations
  • Conduct and manage periodic user access certifications across enterprise systems
  • Partner with HR and IT on joiner/mover/leaver lifecycle processes
  • Manage and mentor one direct report (Cybersecurity Analyst / Engineer)
  • Define team priorities, manage workload distribution, and conduct performance reviews
  • Build and maintain a multi-year cybersecurity roadmap aligned to organizational risk appetite
  • Manage security tool stack, vendor relationships, and departmental budget

Requirements

  • 7+ years of experience in cybersecurity, with at least 2 years in a lead or management capacity
  • Demonstrated hands-on experience across two or more security domains (GRC, SOC, IR, Cloud Security, IAM, TPRM)
  • Proficiency with SIEM platforms (e.g., Splunk, Microsoft Sentinel, QRadar)
  • Experience with vulnerability management tools (e.g., Tenable, Qualys, Rapid7)
  • Working knowledge of cloud security in AWS, Azure, or GCP hybrid environments
  • Strong understanding of security frameworks: NIST CSF, CIS Controls, ISO 27001
  • Proven ability to lead incident response engagements end-to-end
  • Excellent written and verbal communication skills; ability to present to executive stakeholders
  • CISSP, CISM, CISA, or equivalent industry certification, preferred
  • Experience building or significantly maturing a security program
  • Familiarity with GRC platforms (e.g., ServiceNow GRC, Archer, OneTrust)
  • Experience with PAM tooling (e.g., CyberArk, BeyondTrust)
  • Background in a large enterprise environment (2,500+ employees)

We are an Equal Opportunity Employer.  Veterans are encouraged to apply.

About the Company

U

USIC