Access Control, Applications Security, Automation, Cloud Applications, Communication Skills, Computer Security, Continuous Improvement, Cross-Functional, Due Diligence, Establish Priorities, Incident Response, Internet Security, Leadership, Maintain Compliance, Metrics, Onboarding, Operational Audit, Operational Communications, Operational Improvement, Operations Management, Operations Planning, Operations Security (OPSEC), Organizational Skills, People Management, Problem Solving Skills, Process Improvement, Program Evaluation, Protective Services, Reporting Dashboards, Reporting Skills, Risk, Risk Analysis, Risk Management, Security Analysis, Security Architecture, Security Attacks, Security Infrastructure, Security Monitoring, Service Delivery, Service Level Agreement (SLA), Technical Operations, Time Management, Vendor/Supplier Management
Reporting to the Senior Director, Cybersecurity & Compliance, the Senior Manager, Cybersecurity Operations & Risk Management is responsible for the operational oversight and continuous improvement of cybersecurity operations, incident response, vulnerability management, and technical risk reduction activities. This is a senior manager-level individual contributor role that leads initiatives through influence, coordination, and cross-functional partnership rather than direct people management.
The role partners with IT teams, business stakeholders, vendors, and managed service providers to strengthen security controls, reduce risk, and drive timely remediation of security issues. As the operational lead for key cybersecurity functions, this position helps ensure threats, vulnerabilities, and control weaknesses are effectively identified, prioritized, and addressed.
The ideal candidate combines strong technical expertise, operational leadership, and communication skills with a demonstrated ability to drive measurable security improvements across a global environment
CORE ACCOUNTABILITIES:
Security Operations & Incident Response
- Lead cybersecurity monitoring, investigations, and incident response activities
- Serve as the operational lead and primary coordinator for cybersecurity incidents and investigations
- Coordinate containment, recovery, stakeholder communications, and post-incident remediation activities
- Develop and maintain incident response procedures, playbooks, and tabletop exercises
- Partner with internal teams, vendors, and managed security service providers to investigate and resolve security events
- Develop operational metrics and reporting related to threats, incidents, response effectiveness, and overall security posture
- Develop and maintain operational dashboards and reporting that provide leadership visibility into critical vulnerabilities, remediation status, technology lifecycle risks, security incidents, and unresolved risk exposures
Vulnerability & Threat Management
- Own vulnerability identification, risk-based prioritization, remediation tracking, exception management, reporting and stakeholder engagement processes. Establish remediation expectations, monitor adherence, remediation SLAs, and escalate aging risks to appropriate technology and business leaders
- Maintain visibility into end-of-life (EOL) and end-of-support (EOS) technology risks. Partner with Infrastructure, Applications, and Architecture teams to ensure replacement, upgrade, or risk mitigation plans are established and tracked before expiration dates
- Partner with technology teams to drive timely remediation of vulnerabilities and security weaknesses
- Develop vulnerability metrics and reporting to measure remediation performance, risk reduction, and program effectiveness
- Manage vulnerability exceptions and ensure risk acceptance decisions are documented and periodically reviewed
- Assess emerging threats and organizational exposure to inform remediation priorities
- Partner with Security Architecture to align remediation efforts with security standards and long-term risk reduction objectives
Security Technology & Operations Improvement
- Serve as the operational owner for cybersecurity technologies and services, ensuring they effectively support threat detection, incident response, vulnerability management, and risk reduction objectives
- Continuously improve security monitoring, detection, response, and reporting capabilities
- Administer and continuously improve endpoint privilege management (EPM) controls to support least-privilege access, application control, and endpoint risk reduction
- Design and optimize operational workflows, dashboards, alerts, and automation opportunities
- Partner with Security Architecture and Infrastructure teams to implement and operationalize new security controls and technologies
- Support onboarding, integration, and optimization of security technologies across the enterprise
- Manage cybersecurity vendor and service provider relationships, ensuring effective service delivery, operational performance, issue resolution, and alignment with security objectives
Security Risk & Control Management
- Conduct technical security assessments to identify cybersecurity risks, control weaknesses, and remediation opportunities across infrastructure, cloud, applications, and security technologies
- Partner with Infrastructure, Cloud, Applications, and Security Architecture teams to develop remediation plans
- Validate implementation and effectiveness of security controls
- Provide technical expertise and evidence in support of cybersecurity audits, assessments, and compliance activities
- Maintain remediation tracking, cybersecurity risk registers, technology lifecycle risk inventories, and operational security improvement plans. Drive regular review of outstanding risks with accountable technology leaders and facilitate escalation of overdue remediation activities
- Assist with third-party security assessments and technical due diligence reviews
Leadership & Collaboration
- Serve as a trusted cybersecurity subject matter expert across operational security initiatives.
- Build strong relationships with technology teams, business stakeholders, vendors, and service providers
- Drive accountability for remediation activities and security commitments
- Foster a culture of operational excellence, continuous improvement, and proactive risk management
- Communicate cybersecurity risks and recommendations to both technical and non-technical audiences
- Establish and lead recurring cybersecurity operational review meetings focused on vulnerability remediation, technology lifecycle risks, exception management, and risk reduction progress across the enterprise