Cybersecurity Manager

Cybersecurity Manager

The Cybersecurity Manager will lead the organization's cybersecurity strategy, ensuring compliance with industry standards, contractual obligations, and regulatory requirements. This role is responsible for managing cybersecurity programs, reviewing customer contracts for security obligations, and driving continuous improvement in organizational cybersecurity posture. The ideal candidate will have deep expertise in NERC CIP compliance and hold advanced cybersecurity certifications or degrees.

Key Responsibilities

• Develop, implement, and maintain enterprisewide cybersecurity policies, standards, and procedures.
• Oversee risk assessments and vulnerability management programs.
• Monitor and report on cybersecurity performance metrics and compliance status.
• Maintain relationships with relevant product and engineering teams, providing expert advice and guidance on cybersecurity topics.

• Ensure adherence and monitoring of processes related to NERC CIP standards and other applicable regulations as required by customer contracts.
• Prepare for and lead internal and external audits related to cybersecurity compliance.
• Maintain documentation and evidence for compliance reporting.
• Manage the organization's ISO 27001 and SOC2 certifications, including ownership of the audit processes, non-conformance follow ups, and policy updates to ensure compliance.

• Review and interpret cybersecurity requirements in customer contracts.
• Collaborate with legal and commercial teams to ensure contractual obligations are met.

• Develop and maintain incident response plans.
• Lead investigations and remediation efforts for security incidents.
• Conduct root cause analysis and implement preventive measures.

• Design and deliver cybersecurity awareness programs for employees.
• Design and execute tabletop exercises to test policies and procedures.
• Provide specialized training for teams handling critical infrastructure.

• Identify emerging threats and recommend proactive security measures.
• Evaluate and implement new technologies and leading practices to strengthen security posture.

• Work closely with IT, Operations, Product, Engineering, Legal and Compliance teams to align cybersecurity initiatives with business objectives.
• Manage relationships with external vendors and service providers.

Time & Travel Expectations

• This role is open to any qualified applicant within the United States.
• Depending on their physical location, candidates should expect to participate in video conference calls that originate in different time zones, including those with HQ in Seoul, South Korea.
• Anticipate travel up to 10%.

Qualifications

Education & Certifications

• Bachelor's degree in Cybersecurity, Information Technology, or related field (Master's preferred).
• Advanced cybersecurity certification such as CISSP, CISM, or equivalent.

Experience

• Minimum 7+ years in cybersecurity roles, with at least 3 years in a managerial capacity.
• Proven experience with NERC CIP compliance in the energy sector.
• Strong understanding of risk management frameworks (e.g., NIST, ISO 27001, SOC2).

Skills

• Excellent leadership and communication skills.
• Ability to manage multiple priorities in a fast-paced environment.
• Strong analytical and problem-solving abilities.

Preferred Attributes

• Experience in battery energy storage or renewable energy industry.

Familiarity with OT/ICS security and critical infrastructure protection