Manager of Cybersecurity

Cold Spring Harbor Laboratory, United States

Updated: over 1 year ago
Location: Cold Spring Harbor, NEW YORK
Job Type: FullTime
Deadline: ;

Requisition Information


Requisition Title Manager of Cybersecurity
Position Category Information Technology
Requisition Number 01698-A


Opening Information


Job Status Full Time
Education Required Undergraduate Degree
Experience Required 7 - 10 Years
Position Description
The IT department at Cold Spring Harbor Laboratory is seeking an accomplished security professional to lead our organization’s security initiatives. The Manager of Cybersecurity is accountable for successfully achieving organizational objectives for network and system security, in an academic environment centered on scientific research.
The Manager of Cybersecurity reports to the Chief Information Officer and collaborates closely with members of the IT staff, including the Director of IT, Systems & Storage Manager and the Sr. Network Engineer.
The Manager of Cybersecurity is responsible for day-to-day tasks of the Laboratory’s IT protective services, risk management, engineering, analysis, and investigations. The Manager of Cybersecurity collaborates with the Laboratory’s faculty, director of facility(physical) security, departmental heads, staff, and/or service firms, to maintain the confidentiality, integrity, and accessibility of Laboratory systems and networks.
The Manager of Cybersecurity oversees and works to improve the Security Information and Event Management (“SIEM”) competency. The Manager of Cybersecurity prototypes, configures, troubleshoots, and maintains an extensive variety of security focused services, products, and equipment that provide technical and administrative controls. The Manager of Cybersecurity recommends products or services best suited for the Laboratory’s cybersecurity needs.
Role Responsibilities:
Protect, Analyze, and Defend
• Develops unique cyber indicators to maintain constant awareness of the status of the highly dynamic operating environment. Collects, processes, analyzes, and disseminates cyber warning assessments.
• Uses data collected from a variety of cyber defense SEIM tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
• Directly or through collaboration with other staff, consultants and/or managed services, tests, implements, deploys, maintains, and administers the infrastructure hardware and software.
• Identifies, collects, examines, and preserves evidence using controlled and documented analytical and investigative techniques. Investigates, analyzes, and responds to cyber incidents within the network environment or technology services enclave.
Engineer, Operate, and Maintain
• Designs enterprise and systems security throughout the systems development lifecycle; translates technology and environmental conditions (e.g., law and regulation) into security designs and processes.
• Conducts software and systems engineering and software systems research to develop new capabilities, ensuring cybersecurity is fully integrated. Conducts comprehensive technology research to evaluate potential vulnerabilities in cybersecurity systems.
• Data Analysis: Examines data from multiple disparate sources with the goal of providing new insight. Designs and implements custom algorithms, flow processes and layouts for complex, enterprise-scale data sets used for modeling, data mining, and research purposes.
• Responsible for the management and administration of processes and tools that enable the organization to identify, document, and access intellectual capital and information content.
Governance, Risk Management, BCP, and Evaluations
• Draft, propose, and maintain cybersecurity policies and procedures.
• Maintain the cybersecurity risk register and update annually.
• Monitor routine vulnerability analysis and initiate remedial activities tracking to completion and/or management acceptance of residual risk.
• Maintain, test, and update IT business continuity plans and disaster recovery plans.
• Conduct prospective, and update as needed, evaluations of all technology and IT services to confirm alignment with research requirements and communicate status as needed.
Position Requirements
Qualifications:
EDUCATION: Undergraduate in a related field, (Masters Preferred) Certification(s) in one or more of the following areas: GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), CISA: Certified Information Security Auditor, CEH: Certified Ethical Hacker, CISM: Certified Information Security Manager, or CompTIA Security+.
EXPERIENCE: Minimum of 6 years of professional IT experience, working hands on in a complex, outsourced, enterprise-level technology infrastructure. Experience working with scientific researchers and/or academic faculty preferred. Experience with a hybrid cloud environment (integrating on-premise technology with hosted cloud environment) preferred. Operations experience in areas of IT security management, familiarity with SOC2 type I and II, NIST, ISO27001 security and similar frameworks.
SKILLS: Experience in the following platforms, systems, applications and network hardware including: Azure, Windows Server, Active Directory, Exchange, and Office365. Palo Alto, Fortinet. Linux/CentOS,TCP/IP, firewall and systems security, network and system monitoring/logging, network switching and routing, business continuity and disaster recovery. Interpersonal communications experience (oral and written) with the ability to be accurate, precise and, whenever possible, succinct in messaging about complex problems to be solved and/or work to be completed.
Compensation and Benefits:
Our employees are compensated from a total rewards perspective in many ways for their contributions to our mission, including competitive pay, exceptional health benefits, retirement plans, time off, a range of recognition, wellness programs and access to an affordable and licensed on-site childcare center. Visit our CSHL Benefits site to learn more.
How to Apply:
For immediate consideration, candidates should create an account and apply to the position found here: https://cshl.peopleadmin.com/postings/19188 Position ID: 01698-A
Environment:
Cold Spring Harbor Laboratory is a world-renowned research and education institution recognized internationally for its excellence in fundamental areas, such as cancer, neuroscience, plant biology, genomics, and quantitative biology. The Laboratory has long been recognized as a place for nurturing young scientists, with post-doctoral researchers being an integral part of the discovery process. The Laboratory offers a warm, collegial, and collaborative work environment in a beautiful location about one hour from New York City.
You are required to be fully vaccinated for COVID-19 as a condition to your employment at the Laboratory. You will be required to provide proof of your vaccination on your first day of employment. For those individuals, who are unable to receive a vaccine due to access issues, they will be expected to receive the vaccine upon arrival in New York.
CSHL is an EO/AA Employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status. VEVRAA Federal Contractor

Similar Positions