BMT Technology Leaders are self-motivated, business-focused change agents. The Cyber Security Manager is passionate about security and plays a vital technical and professional leadership role in securing our data, protecting our services, and advancing our technology platforms. Responsibilities include leading a team of technical security professionals to select, implement, test, and monitor our cyber security controls. The Cyber Security Manager will partner with other technical and risk management leaders to ensure strong security engineering and risk management practices are maintained and continuously improved. Develops strategies action plans, budgets, management reports, and other leadership communications intended to improve the awareness and decisions of the organization. This role must demonstrate strong technical judgement and strategic thinking to contribute to the success of BMT’s technology operations, strategy, and business success.
This position will primarily be a remote working role with ability to come into the office as needed (Berwyn, PA, Chestnut Hill, PA, Bryn Mawr, PA or Wayne, PA).
- Lead team of security engineers and vendor partners in support of the selection, design, development, operations, and continuous improvement of cyber security technology at BMT
- Provide hands-on leadership in cyber security technologies, frameworks, strategies, and best practices
- Ensure cyber threats are managed, monitored, and responded to effectively (incident prevention and response)
- Build and develop a skilled security engineering team and improve technical security knowledge across the IT organization
- Build and maintain key business, risk management, technology, and vendor relationships to enable success
- Develop a culture of collaboration, accountability and continuous improvement
- Support business planning, budgeting, and regular prioritization of work
- Manage and communicate the operational threats and technical weaknesses of systems
- Establish and direct the goals, policies, and procedures for areas of responsibility
- Support the development, communication, and delivery of the BMT technology strategy in support of enterprise strategies and goals
- Manage and optimize security technology contracts, vendor relations, and assets
- Monitor and report on enterprise security operations, threats and vulnerabilities
- Ensure compliance with audit and regulatory rules and guidelines
- Support regulatory examination and attainment of satisfactory ratings
- Bachelor’s degree in computer science, information technology, systems engineering, or related discipline; or additional equivalent years of experience.
- Minimum of 12 years’ experience in information technology or systems engineering
- Minimum 3 years financial services experience
- Minimum 5 years leadership experience in cyber security, security engineering, security operations, or incident response.
- Self-motivated, adaptable leader with a positive attitude and communication style.
- Ability to collaborate with high-performing teams and individuals to accomplish common goals
- Expertise in application and infrastructure high-availability and resiliency architectures with demonstrated experience in business
- Proficiency in information security domains, including policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, risk and control governance and metrics, incident management, secure systems development lifecycle, vulnerability, and data protection.
- High level understanding and awareness of key regulations such as GDPR, CCPA, GLBA, CCAR, BCBS 239, or TCPA
- Preferred certifications (but not limited to): CISSP, CRISC, CISA, CCSP
- Preferred technical experience (but not limited to): Cloud IaaS, Data Warehouses, Azure, Salesforce, ETL, data integration. Software Engineer (developer) experience is helpful.
- Experience with incident response, threat modeling, vulnerability management, identify & access management is a plus.
- Proven vendor management and process improvement leadership
- Experience building teams, budgets, and business relationships
- Excellent understanding of project management principles.
- Excellent written and verbal communication skills with business executives, regulators, and technical professionals
- History of deep technical skills in 3 or more domains (e.g., Networking, Security, Cloud, Development, Systems Administration, etc.)
- Excellence in both technical and interpersonal skills.