Apply on Employer Site

Graham Manufacturing · 1 month ago

Cyber Security Program Manager

Batavia,NY,US

Full-time

Onsite

Senior Level

Graham Manufacturing is seeking a Cyber Security Program Manager to develop and oversee the cybersecurity program. The role involves identifying and mitigating cyber risks through policy creation, risk assessments, and managing compliance with various cybersecurity frameworks.

EnergyHeating Ventilation and Air Conditioning (HVAC)Renewable Energy

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Develop cyber education and training programs

Develop Cybersecurity policies, procedures, and processes

Manages all requirements for cyber reporting of incidents with the IT Manager

Develop and manage requirements around pen testing and other cyber threat testing

Validates security and configuration of third party software, when needed

Designs and implements Vendor Risk Management program

Defines and manages tools needed for E-discovery and computer forensic needs

Configures GRC tool and monitoring plans to support any audits

Management of security and requirements and RMF configurations of systems

Management of Documenting and submitting systems in E-Mass either directly or as advisor to other security staff

Management of Security Training program to support classified systems

Management of training and support of IT security staff for classified systems

Support the FSO as AFSO if needed

Research/procurement/creation/monitoring/improvement of technology, systems, equipment & processes

Recommends mitigations for insider threat risks

Determines and manages security software evaluations and implementations to support the cyber program

Hands on implementation of security software, tools, or processes

Develop, lead, staff, manage high performing team

Lead compliance efforts for CUI and NNPI processing

Lead CMMC compliance and certification efforts

Lead NN-801-Rev5 compliance

Lead NIST 800-171 requirements

Manage internal and external audits and certifications

Update cyber scores in SPRS, Exostar or other government required systems

Leads internal and external audit teams for all compliance

Create a robust incident response team and processes including the creation and execution or regular tabletop exercises and playbooks

Provide effective communication and reporting to all stakeholders

Develop and present cyber security and risk management presentations to senior management and board members, as needed

Develops training materials and trains other staff

Reports incidents to DCSA, NCIS, FBI, DIBNET and others, as needed

Logs incidents into government systems for review

Manages cyber insurance evaluations and determines best path for reducing risk and keeping coverages

Takes lead in maintaining or developing IT processes

Project management

Software evaluation

System administration, if needed

Custom programming, if needed

Performs other related duties as required and assigned

Qualification

Cybersecurity program managementCMMC complianceNIST 800-171Risk management framework (RMF)Cybersecurity policy creationIncident response managementIT auditing & compliancePenetration testingCommunication skillsProject managementTeam managementOrganizational skillsProblem-solving skillsAttention to detail

Required

Degree in computer science or cybersecurity or applicable work experience

Strong cybersecurity or computer forensics background

Working knowledge of RMF, CMMC, NIST, ITAR, EAR, PCI, NNPI/NOFORN (NN801-REV 5) and other security frameworks

Proficient in Microsoft Office software products

Possession of or ability to obtain CISSP certification within 2 years of taking position

Possession of or ability to get within 1 year – Active Security clearance

Ability to work efficiently with many different types of people, skill levels, and personalities

Demonstrate behavior consistent with company values

Maintain strict confidentiality regarding company matters

Proficiency in word processing, spreadsheet, presentation, project management, enterprise resource planning, database software

Ability and willingness to abide by set policies and/or safety programs established by Graham, our clients, and/or regulatory agencies which govern our performance and behavior in the normal course of our work while on Graham or the client's property or job site

Excellent written and verbal communication skills

Strong organizational and time management skills

High attention to detail

Ability to successfully plan and implement objectives within established timelines and work schedules

Ability to analyze problems and develop effective solutions at both strategic and functional levels

Develop strategies to achieve organizational goals; Understand organization's strengths and weaknesses; Analyzes market and competition; Identifies external threats and opportunities; Adapts strategy to changing conditions

Demonstrate behavior consistent with company values

Ability to work independently, with minimal direction as a highly motivated self-starter and within a team oriented culture

Must be a U.S citizen

Must be able to obtain US government security clearance if required