70 applicants

Company

Original Job Post

Endeavor · 5 days ago

Manager, Cyber Security

New York, NY

Full-time

Onsite

Mid Level

$120K/yr - $160K/yr

3+ years exp

Wonder how qualified you are to the job?

Maximize your interview chances

ContentMedia and Entertainment

Actively Hiring

Insider Connection @Endeavor

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Help Strategize Cybersecurity Initiatives: Lead the articulation and presentation of strategic cybersecurity initiatives, showcasing how they align with business objectives to ensure the security architecture supports the organization's overall strategy. Work with Security Leadership team to regularly update the cybersecurity roadmap and other artifacts to reflect evolving threats and technological advancements.

Drive Security Awareness and Training Programs: Manage the training calendar and metrics for security awareness programs for all employees, contractors, including curriculum for special roles such as developers and incident handlers. Support human-led training through the cultivation and development of presentations and other materials and facilitate training session logistics.

Collect and Report Metrics for Incident Response Planning and Execution: Ensure the readiness of the incident response team by regularly reviewing and updating incident response plans. Coordinate simulations and drills to enhance the organization's preparedness for cyber incidents.

Manage Security Vendors and Procurement to Reconciliation (actuals): Ensure timely and efficient solution procurement, renewals, and management of the security supply-chain. Reforcast based on actuals. Support annual budgeting through cost modeling license count against existing contracts.

Enhance Security Metrics and Reporting: Develop and refine security metrics and reporting frameworks to provide actionable insights. Regularly prepare reports on these metrics for technical and senior management, highlighting the effectiveness of security measures and identifying areas for improvement. Create, collect, maintain, and update expressive, monthly, dashboard slides to show KPIs, trends, and key observations for internal IT and external stakeholders, including quarterly executive briefings.

Optimize Vendor Risk Management: Conduct thorough security assessments of third-party vendors and partners.

Contribute to Regulatory Compliance Efforts: Lead efforts to prepare for security audits, conduct internal security control checks, and address any identified gaps in metrics and reporting.

Foster Inter-Departmental Collaboration: Serve as the cybersecurity liaison to other departments, ensuring that security considerations are integrated into technological development, business processes, and project management practices.

Champion Continuous Improvement: Implement a continuous improvement process for the security program, regularly reviewing and optimizing security policies, procedures, and controls based on feedback and changing security landscape. Coordinate across the Cybersecurity department to establish and report processes on Goals using Objectives, and Key Results (OKR) framework.

Foster collaboration by working across Endeavor’s Business Units and Fucntional Areas: Support the meeting logistics of the Data Governance and Information Security Working Group and other cross-functional teams, as needed.

Sustain and support the IT Risk Management program: Leverage Governance Risk and Compliance tools and process to drive the documentation, ownership, and resolutions of risks across the organization.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

IT program managementFinancial operationsKPI articulationExecutive presentationsStatus reportsIT cybersecurityData securityCompliance programsPrivacy programsRegulatory complianceData confidentialityData integritySystem availabilityISO NISTPCISOCSarbanes-OxleyCCPAGDPRHIPPAProject governanceLife-cycle managementChallenging situations managementCybersecurity conceptsMitigation practicesAdvanced Persistent ThreatCredentialSession TheftZero Trust

Required

3+ years of experience in managing IT programs supporting financial operations, articulating KPIs, and supporting the creation of executive presentations and status reports.

Some experience with IT cybersecurity functions that support data security, compliance, and privacy programs or relevant technology/risk management experience.

Experience or familiarity with regulatory and other security compliance related to data confidentiality, integrity, and system availability, including frameworks such as ISO 27001, NIST, PCI, and SOC, and practical understanding and experience with Sarbanes-Oxley (SOX) General Computing Controls, CCPA, GDPR, and/or HIPPA.

Experience with project governance and awareness of life-cycle management.

Results-oriented, capable of defining an approach, developing consensus, committing to a direction, and driving operations to completion.

Demonstrated ability to manage challenging situations in a fast-paced environment while developing and sustaining cooperative and constructive working relationships.

Effective communication and collaboration skills across all levels and ability to manage relationships across different business and functional areas.

Bachelor’s degree or equivalent professional experience.

Cursory knowledge of Cybersecurity concepts and mitigation practices, such as Advanced Persistent Threat (APT), Credential and Session Theft, Zero Trust, Bring Your Own Device (BYOD), Privileged Access Management, MS Just-in-time Administration, etc.