Logo
Harry's

Cybersecurity Risk Manager

Harry's, New York, New York, us, 10261


Harry’s Inc. is building a modern CPG company by putting people first and delivering against real unmet consumer needs.

The company’s flagship brand - Harry’s - was founded by Jeff Raider and Andy Katz-Mayfield in 2013. After successfully launching and scaling Harry’s, Jeff and Andy saw an opportunity to bring their experience building Harry’s to other CPG categories where the consumer has also been historically underserved.

Harry’s Inc. has grown significantly over the last ten years, and is now made up of four brands - Harry’s, Flamingo, Lume, Mando - and Harry’s Labs, the company’s incubation and M&A engine. The company employs more than 900 people across the U.S., U.K. and Germany, and is the largest CPG company built in the last 20 years.

At Harry’s Inc, our mission is to Create Things People Like More — whether it's a product, an experience, or an internal tool, we believe in making the things around us better for our customers, and our team.

Our mission extends beyond customers and team, to the community broadly. We believe that the best business models make a positive impact. So, we set aside 1% of sales across Harry’s, Flamingo, and Lume to support our social mission, including through donations to our nonprofit partners.

At the end of the day, the key to our success is our amazing people. From chemists, mechanical engineers, CX associates, to creative directors, sourcing managers, and logistics specialists, the Harry’s team is composed of some of the most brilliant, diverse, and humble people you’ll ever meet. Our company is a place of inclusion, innovation, and deeply ingrained values.The Harry's Inc working model is in-office Tuesday, Wednesday, and Thursday. Our beautiful 70,000 square foot SoHo office is decked out with bagels on Wednesdays and lunch on Thursdays, and fully stocked kitchens with snacks, coffee, and drinks everyday. Can’t forget the free products and the opportunity to have some meetings without Zoom!Job Summary:The Cybersecurity Risk Manager is responsible for identifying, assessing, and mitigating risks associated with information security. This role involves analyzing and evaluating the organization's information security posture, conducting risk assessments, and recommending security measures to protect against potential threats. The ideal candidate will have a strong understanding of cybersecurity principles, risk management frameworks, and compliance requirements.Key Responsibilities:

Risk Assessment and Management:Conduct comprehensive risk assessments to identify vulnerabilities and threats to the organization's information assets.Evaluate the potential impact and likelihood of identified risks.Develop and maintain risk registers and documentation.Recommend and implement risk mitigation strategies.Security Policies and Procedures:Develop, review, and update information security policies, procedures, and guidelines.Ensure compliance with industry standards, regulations, and best practices.Collaborate with other departments to integrate security policies into organizational processes.Threat and Vulnerability Management:Monitor and analyze security threats and vulnerabilities using various tools and techniques.Conduct regular vulnerability assessments and penetration testing.Coordinate response efforts for security incidents and breaches.Compliance and Audit:Assist in ensuring compliance with relevant regulations (e.g., GDPR, HIPAA, PCI-DSS) and standards (e.g., ISO 27001, NIST).Prepare for and support internal and external audits.Implement and manage security controls to meet compliance requirements.Assist with GRC tracking across the organization.Security Awareness and Training:Assist with delivery of security awareness training programs for employees.Promote a culture of security awareness within the organization.Reporting and Communication:Prepare security posture reports for Director of Cybersecurity.Develop reports and evaluate the results of the vendor assessments.Stay updated with the latest cybersecurity trends, threats, and technologies.Recommend and implement improvements to the organization’s cybersecurity posture.Qualifications:

Education:Bachelor’s degree in Information Security, Computer Science, or a related field.Experience:Minimum of 3-5 years of experience in cybersecurity, risk management, or a related field.Proven experience in conducting risk assessments and vulnerability assessments.Skills:Strong understanding of cybersecurity principles, risk management frameworks (e.g., NIST, ISO 27001), and regulatory requirements.Proficiency with security tools and technologies (e.g., SIEM, IDS/IPS, vulnerability scanners).Excellent analytical, problem-solving, and decision-making skills.Strong communication and interpersonal skills.Working Conditions:

This position may require occasional travel.Ability to work in a fast-paced and dynamic environment.Availability for on-call duty in case of security incidents.Benefits and perks:Medical, dental, and vision coverageEquity in Harry’sFlexible time off and working hoursWellness and L&D stipends4 weeks sabbatical after 5 years, 6 weeks after 10 years, and 8 weeks after 15 yearsUp to 20 weeks of pregnancy leave and up to 16 weeks of parental leaveFun IRL and virtual events including happy hours, team building events, and parties on our rooftopFree products from all of our brandsHarry’s is committed to bringing together individuals from different backgrounds and perspectives. We strive to create an inclusive environment where everyone can thrive, feel a sense of belonging, and do great work together.Harry’s is an Equal Opportunity Employer, providing equal employment and advancement opportunities to all individuals.We can’t quantify all of the intangible things we think you’ll love about working at Harry’s, like the exciting challenges we tackle, the smart and humble team you’ll get to work with, and our supportive and inclusive culture.Apply for this job

* indicates a required fieldFirst Name *Last Name *Email *Phone *Resume/CV *Accepted file types: pdf, doc, docx, txt, rtfLinkedIn ProfileWebsiteHow did you hear about this job? *Are you legally authorized to work in the United States today? *Will you now or in the future require sponsorship for an employment-authorizing status or visa? *Do you have a non-compete that is currently in effect? *Demographic Questions - US

Please take a moment to self-identify via this voluntary survey.Will not be accessible to anyone making hiring decisions with respect to this role.Will have no bearing on your application or candidacy.This data will be used exclusively for analytics-based reporting related to our Diversity & Inclusion efforts.

#J-18808-Ljbffr