Harry's
Cybersecurity Risk Manager
Harry's, New York, New York, US, 10261
Shaving tools and well-rounded skin care for every man: thoughtfully made, honestly priced, with a quality guarantee.

Harry’s Inc. is building a modern CPG company by putting people first and delivering against real unmet consumer needs. The company’s flagship brand - Harry’s - was founded by Jeff Raider and Andy Katz-Mayfield in 2013. After successfully launching and scaling Harry’s, Jeff and Andy saw an opportunity to bring their experience building Harry’s to other CPG categories where the consumer has also been historically underserved.

Harry’s Inc. has grown significantly over the last ten years, and is now made up of four brands - Harry’s, Flamingo, Lume, Mando - and Harry’s Labs, the company’s incubation and M&A engine. The company employs more than 900 people across the U.S., U.K., and Germany, and is the largest CPG company built in the last 20 years.

At Harry’s Inc, our mission is to Create Things People Like More — whether it's a product, an experience, or an internal tool, we believe in making the things around us better for our customers, and our team.

Job Summary:

The Cybersecurity Risk Manager is responsible for identifying, assessing, and mitigating risks associated with information security. This role involves analyzing and evaluating the organization's information security posture, conducting risk assessments, and recommending security measures to protect against potential threats. The ideal candidate will have a strong understanding of cybersecurity principles, risk management frameworks, and compliance requirements.

Key Responsibilities:

Risk Assessment and Management:
Conduct comprehensive risk assessments to identify vulnerabilities and threats to the organization's information assets.
Evaluate the potential impact and likelihood of identified risks.
Develop and maintain risk registers and documentation.
Recommend and implement risk mitigation strategies.

Security Policies and Procedures:
Develop, review, and update information security policies, procedures, and guidelines.
Ensure compliance with industry standards, regulations, and best practices.
Collaborate with other departments to integrate security policies into organizational processes.
Monitor and analyze security threats and vulnerabilities using various tools and techniques.
Conduct regular vulnerability assessments and penetration testing.
Coordinate response efforts for security incidents and breaches.

Compliance and Audit:
Assist in ensuring compliance with relevant regulations (e.g., GDPR, HIPAA, PCI-DSS) and standards (e.g., ISO 27001, NIST).
Prepare for and support internal and external audits.
Implement and manage security controls to meet compliance requirements.
Assist with GRC tracking across the organization.

Security Awareness and Training:
Assist with delivery of security awareness training programs for employees.
Promote a culture of security awareness within the organization.

Reporting and Communication:
Prepare security posture reports for Director of Cybersecurity.
Develop reports and evaluate the results of the vendor assessments.
Stay updated with the latest cybersecurity trends, threats, and technologies.
Recommend and implement improvements to the organization’s cybersecurity posture.

Qualifications:

Education:
Bachelor’s degree in Information Security, Computer Science, or a related field.

Experience:
Minimum of 3-5 years of experience in cybersecurity, risk management, or a related field.
Proven experience in conducting risk assessments and vulnerability assessments.

Skills:
Strong understanding of cybersecurity principles, risk management frameworks (e.g., NIST, ISO 27001), and regulatory requirements.
Proficiency with security tools and technologies (e.g., SIEM, IDS/IPS, vulnerability scanners).
Excellent analytical, problem-solving, and decision-making skills.
Strong communication and interpersonal skills.

Working Conditions:

This position may require occasional travel.
Ability to work in a fast-paced and dynamic environment.
Availability for on-call duty in case of security incidents.

Benefits and perks:

Medical, dental, and vision coverage
Equity in Harry’s
Flexible time off and working hours
Wellness and L&D stipends
4 weeks sabbatical after 5 years, 6 weeks after 10 years, and 8 weeks after 15 years
Up to 20 weeks of pregnancy leave and up to 16 weeks of parental leave
Fun IRL and virtual events including happy hours, team building events, and parties on our rooftop
Free products from all of our brands

Harry’s is committed to bringing together individuals from different backgrounds and perspectives. We strive to create an inclusive environment where everyone can thrive, feel a sense of belonging, and do great work together.

Harry’s is an Equal Opportunity Employer, providing equal employment and advancement opportunities to all individuals.