Manager, Cybersecurity

Cybersecurity Manager Responsibilities Act as a primary cybersecurity liaison to business stakeholders (Product, Legal, Compliance, Risk, Finance, Operations), enabling risk-informed decision making. Translate business objectives and constraints into actionable security controls, prioritized remediation plans, and risk ownership models. Lead management oversight of security risks and findings, including remediation tracking, timeline accountability, and residual risk acceptance. Support audit, regulatory, and customer assurance activities through control design, evidence review, and remediation planning. Develop and maintain security standards, technical guidance, and documentation to enable consistent control adoption across teams. Escalate cybersecurity risks to senior leadership with clear context, options, and recommended actions. Oversee Managed Security Service Providers (MSSPs) by defining scope, performance metrics, governance rhythms, and continuous assurance of service quality and risk posture. Drive continuous improvement of the cybersecurity program through automation, process optimization, and technical innovation. Provide guidance as a trusted advisor and subject matter expert to engineers, leaders, and cross-functional teams (legal, HR, finance). Partner with communications/training teams to deliver security awareness content and targeted education for employees and contractors. Oversee day-to-day security operations: monitoring, alert triage, and incident response across enterprise, cloud, and SaaS. Serve as a senior escalation point for security incidents; provide technical oversight, decision support, and remediation guidance. Establish and monitor operational standards, SLAs, and KPIs for detection, response, and recovery. Manage incident response planning, tabletop exercises, and post-incident reviews (root cause analysis, corrective actions, executive-ready reporting). Design and enforce secure usage of AI technologies within security operations (mitigate data exposure/misuse; improve alert triage, threat analysis, and automation). Provide technical/architectural support for security controls across endpoints, networks, cloud platforms, and SaaS. Guide security tooling integrations and telemetry pipelines to support high-quality detection, response, and analysis. Conduct security architecture reviews for new systems, products, and third-party services. Ensure alignment with recognized security frameworks (e.g., NIST, Zero Trust) and evolving organizational risk posture. Stay current on emerging threats and defensive technologies; translate intelligence into strategic/operational improvements. Required Education/Experience/Skills Bachelor’s degree in Computer Science, Information Security, Engineering, or related field, or equivalent practical experience. 5+ years of experience in cybersecurity engineering, security operations, or related technical roles. Hands-on experience implementing and operating security controls in enterprise environments. Proven experience collaborating with cross-functional/business stakeholders to deliver security outcomes. Experience and comfort communicating across all levels, including senior leadership. Strong customer service, communication, and stakeholder engagement skills. Experience in a publicly traded, regulated industry (preferably biotech, pharma, or life sciences). Preferred Skills/Certifications CISSP, CISM, CRISC, or CISA. #J-18808-Ljbffr Scorpion Therapeutics