Cyber Security Senior Manager

The Role

The Senior Manager, Cyber Security is a hands-on position reporting to the Chief Technology Officer, working with other senior leaders & stakeholders within the company.

Key responsibilities

• Oversee key areas of the CyberSecurity Program including security incident response, vulnerability management, data protection, and risk management.
• Develop strategies and security initiatives to assess and improve physical, technical, and administrative safeguards and/or controls.
• Create, maintain & implement security policies, standards, guidelines, processes and procedures to ensure ongoing protection of information assets.
• Implement and maintain Security controls that support NIST, SOC2, SOX & PCI frameworks.
• Recognize a possible security vulnerability, incident, or violation and take appropriate action to report and mitigate, as required.
• Track audit findings and recommendations to ensure that appropriate mitigation actions are taken.
• Oversee proper and full use of the suite of existing cyber security tools, processes, runbooks, assessments, and plans.
• Propose plans for continuous improvement and execute on approved plans and timelines.
• Implement methods for auditing and addressing non-compliance to standards and for bringing non-compliant environments into compliance.
• Integrate cybersecurity requirements into the business continuity planning for critical systems and during the evaluation of new systems being considered or proposed.
• Responsible for managing the Cyber Security Awareness Training Program.
• Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals.
• Collaborate with internal and vendor engineering teams in the security space, ensuring the incorporation of industry best practices.
• Identify and provide solutions to minimize project exposure and risk, effectively addressing program roadblocks and driving a mitigation plan.
• Generate data-driven status reports for a broader audience, consolidating data from various sources for governance meetings with leadership.
• Create support materials, including process documentation, testing analysis methodology, and other artifacts for internal and external audits.
• Monitor IT infrastructure, operations, and critical applications for proper application of security controls and process adherence.
• Respond to incidents or emergencies as they arise, ensuring proper communication and actions are taken, recommend mitigation strategies, and see through to resolution.
• Possess a strong ability to influence and engage effectively with stakeholders across different functions, demonstrating skill and the talent to Information Security goals across the organization.

Organizational structure

Reports to: Chief Technology Officer

Location: Oslo, Norway (preffered location) or London, UK

What we are looking for

• Passion for the outdoors, skiing, sailing & related activities.
• Required Bachelor level education in any of the following disciplines: Information systems, computer science, cyber/information security.
• At least 8+ years of multifaceted security management experience, demonstrating progressive responsibilities and accomplishment in information security management in large, complex organizations.
• Demonstrated experience applying security and risk management frameworks, and regulations such as NIST, ISO 27001, etc.
• Knowledge of Zero Trust Architecture, Mobile Device Management (MDM), Endpoint detection and Response (EDR), cloud security controls, data security, risk management, security readiness backed with Identity Access Management, Security Information and Event Monitoring (SIEM), Business resumption and contingency planning, cyber incident, and crisis management, etc.
• Knowledge of hacking techniques, vulnerability disclosures, and security analysis techniques.
• Knowledge of malware families, botnets, threats by sector, attack campaigns and attack methods.
• Experience with developing strategic planning, budgeting, and resource management of InfoSec initiatives.
• Familiar with cloud Security architectures in major cloud platforms.
• Proficiency in core project management and Agile principles, including hybrid and SCRUM methodologies and ability to lead complex cybersecurity initiatives.
• Professional certification in Information Security and/or Information System Risk Management is desired.

Work Environment

• Ability to thrive in a lean, high-growth, start-up environment.
• Ability to work well across functions, diverse communities and different time zones.

We offer

• A culture that rewards excellence in an exciting phase of growth and new opportunities
• An ambitious, dynamic, creative, and international environment
• Competitive compensation and benefits, and an active environment with passion for sports
• Discounts on great gear
• Travel Requirements:Ability to travel up to 10%, including potential international travel.

This position is a full-time employment.

Any questions can be directed to khorsle at hellyhansen.com

Application is ONLY accepted in portal(Due to personal data protection rules) and not later than 30 April 2024.