Insight Global
Cybersecurity Manager
Insight Global, Cleveland, Ohio, us, 44101
The Cybersecurity Vulnerability Management manager is responsible for leading the team that identifies, evaluates, and mitigates vulnerabilities within the companys IT infrastructure. Key responsibilities include scanning visibility, synchronization with IT patch management, vulnerability remediation management, exception management, and the generation of appropriate metrics and process management. The incumbent will oversee cross-functional initiatives that require coordination between internal IT, business teams and external vendors. The principal objective will be to guide, influence, and negotiate with key decision-makers to ensure adherence to our vulnerability management requirements and SLAs.
The VM leader will collaborate directly the PSG IT organization, DT infrastructure and the Cybersecurity team to ensure appropriate processes are being followed along with the highest risk vulnerabilities being prioritized. The VM leader will work directly with key leaders across these organizations to determine acceptable levels of risk to remediation to ensure these agreements are documented, and measure the information shared across Sherwin. The VM leader should be able to understand and articulate the impact of vulnerabilities across the Sherwin ecosystem and communicate this to multiple levels within the organization.The ideal candidate will have a strong background in cybersecurity, project management, leadership skills, and a proactive approach to protecting our systems and data.Reporting to this individual will be a cross-functional team of full-time employees and coops. The team makeup currently includes 3 FTE with additional Coops.
ESSENTIAL FUNCTIONS:Team Leadership: Manage and lead a team of vulnerability and scanning analysts as well as reporting capabilities.Provide mentorship, set employee objectives, monitor and evaluate performance, provide feedback, and ensure professional growth and development.Vulnerability Assessment: Oversee the regular scanning and analysis of the companys networks, applications, and systems to identify vulnerabilities.Risk Evaluation: Prioritize vulnerabilities based on risk and develop strategic plans for mitigation or remediation.Develop dashboards and actionable steps to enable asset owners to develop remediation strategies and reduce the attack surface.Patch Management: Collaborate with IT and development teams to ensure timely patching of vulnerabilities.Partner with asset owners and stakeholders across the organization to drive vulnerability remediationEducate teams on best practices for vulnerability management and remediationCompliance and Reporting: Ensure compliance with relevant security regulations and standards. Prepare and present regular vulnerability exposure reports to senior management.Incident Response: Support incident response teams in the event of a security breach or other incidents.Policy Development: Develop and refine vulnerability management policies and procedures to enhance the organization's security posture.Stakeholder Communication: Act as a key point of contact for vulnerability management issues within the organization. Communicate effectively with other managers and stakeholders to align security measures with business objectives.Technology Evaluation: Keep abreast of new security technologies and integrate innovative tools and technologies to enhance vulnerability management capabilities.Budget Management: Manage the budget for the vulnerability management team, including tools, technologies, and training.Minimal travel, up to 5%, may be required.Work outside the standard office 7.5-hour workday may be required.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal. com.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .Manufacturing / Operation Technology experienceExperience with ServiceNow PlatformIndustry Certification including Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or CompTIA Security+12+ years of experience in IT or cybersecurity6+ years of leading and managing a team of direct reportsUnderstanding of network security protocols, cryptography, and application security.Understanding of security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.Technical infrastructure knowledge (i. e. Windows OS, Linux, container environments and cloud)Familiarity with compliance and regulatory frameworks such as NIST, GDPR, and PCI-DSS.Excellent analytical, problem-solving, and decision-making skills, with a detail-oriented approach.Strong interpersonal and communication skills, capable of writing clear and comprehensive reports and delivering presentations.Bachelors Degree (or foreign equivalent) or in place of a degree, at least 12 years in experience in the field of Information Technology or Business (work experience or a combination of education and work experience in the field of Information Technology or Business)
The VM leader will collaborate directly the PSG IT organization, DT infrastructure and the Cybersecurity team to ensure appropriate processes are being followed along with the highest risk vulnerabilities being prioritized. The VM leader will work directly with key leaders across these organizations to determine acceptable levels of risk to remediation to ensure these agreements are documented, and measure the information shared across Sherwin. The VM leader should be able to understand and articulate the impact of vulnerabilities across the Sherwin ecosystem and communicate this to multiple levels within the organization.The ideal candidate will have a strong background in cybersecurity, project management, leadership skills, and a proactive approach to protecting our systems and data.Reporting to this individual will be a cross-functional team of full-time employees and coops. The team makeup currently includes 3 FTE with additional Coops.
ESSENTIAL FUNCTIONS:Team Leadership: Manage and lead a team of vulnerability and scanning analysts as well as reporting capabilities.Provide mentorship, set employee objectives, monitor and evaluate performance, provide feedback, and ensure professional growth and development.Vulnerability Assessment: Oversee the regular scanning and analysis of the companys networks, applications, and systems to identify vulnerabilities.Risk Evaluation: Prioritize vulnerabilities based on risk and develop strategic plans for mitigation or remediation.Develop dashboards and actionable steps to enable asset owners to develop remediation strategies and reduce the attack surface.Patch Management: Collaborate with IT and development teams to ensure timely patching of vulnerabilities.Partner with asset owners and stakeholders across the organization to drive vulnerability remediationEducate teams on best practices for vulnerability management and remediationCompliance and Reporting: Ensure compliance with relevant security regulations and standards. Prepare and present regular vulnerability exposure reports to senior management.Incident Response: Support incident response teams in the event of a security breach or other incidents.Policy Development: Develop and refine vulnerability management policies and procedures to enhance the organization's security posture.Stakeholder Communication: Act as a key point of contact for vulnerability management issues within the organization. Communicate effectively with other managers and stakeholders to align security measures with business objectives.Technology Evaluation: Keep abreast of new security technologies and integrate innovative tools and technologies to enhance vulnerability management capabilities.Budget Management: Manage the budget for the vulnerability management team, including tools, technologies, and training.Minimal travel, up to 5%, may be required.Work outside the standard office 7.5-hour workday may be required.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal. com.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .Manufacturing / Operation Technology experienceExperience with ServiceNow PlatformIndustry Certification including Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or CompTIA Security+12+ years of experience in IT or cybersecurity6+ years of leading and managing a team of direct reportsUnderstanding of network security protocols, cryptography, and application security.Understanding of security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.Technical infrastructure knowledge (i. e. Windows OS, Linux, container environments and cloud)Familiarity with compliance and regulatory frameworks such as NIST, GDPR, and PCI-DSS.Excellent analytical, problem-solving, and decision-making skills, with a detail-oriented approach.Strong interpersonal and communication skills, capable of writing clear and comprehensive reports and delivering presentations.Bachelors Degree (or foreign equivalent) or in place of a degree, at least 12 years in experience in the field of Information Technology or Business (work experience or a combination of education and work experience in the field of Information Technology or Business)