Manager of Cyber Security Clean Harbors
Norwell, MA

Job Description

The Opportunity:

The Manager of Cyber Security maintains ownership of policy, process, configurations and documentation related to both data security as well as IT systems security configurations and practices. The Manager of Cyber Security working with IT Infrastructure, Application Development, Human Resources and Business Leadership to maintain and adhere to existing organizational standards as well as drive and implement adoption of additional best practices and security models. The Manager of Cyber Security supervises the security engineering team and acts as an authority for related IT staff in matters pertaining to security. In addition this role is responsible for managing security related projects or initiatives both within IT areas and across the company. This role reports to the Director of Technology Infrastructure.

Why work for Clean Harbors?

* Health and Safety is our #1 priority and we live it 3-6-5!
* Competitive wages
* Comprehensive health benefits coverage after 30 days of full-time employment
* Group 401K/RRSP with company matching component
* Generous paid time off, company paid training and tuition reimbursement
* Positive and safe work environments
* Opportunities for growth and development for all the stages of your caree

Key Responsibilities:

* Acts as the subject matter expert (SME) for corporate security as a whole including and beyond cyber security specific areas.
* Creates and maintains documentation of software application, data and IT systems security controls, procedures, specifications and methods across the organization's solution stack.
* Creates and maintains security policies, procedures and process tracking for the organization as a whole working with IT Infrastructure, Application Development, Financial and Human Resources teams to name a few.
* Evaluates and maintains adherence to selected security frameworks and specifications from: NIST, ISO and others.
* Maintains and progresses through framework lifecycles and adoption standards such as the key phases of NIST implementation. (Identify, protect, detect, respond, and recover)
* Develops and maintains data classifications across structured and unstructured areas; works to implement processes or toolsets to actively identify, audit and/or protect such data assets.
* Works with IT Infrastructure and Database and Development teams to monitor, maintain, review and audit compliance with existing security practices while working toward adherence with emerging standards.
* Works with internal/external auditors during compliance audits: risk assessments for insurance purposes, Sarbanes-Oxley, PCI and other regulatory body reviews to coordinate documentation and evidence collection.
* Responds to inquiries, audits, questionnaires from customers and vendors.
* Guides application development, database administration, network/systems teams and the company as a whole regarding selection of software/ technology and business process solutions from a data and systems security perspective.
* Establishes and drives measurable goals that are aligned with departmental and organizational goals to provide efficient and effective cyber protections
* Develops and maintains a balanced approach to cyber security that maximizes functionality of information systems while minimizing overall risks
* Maintains a pulse on current industry trends and security technologies; attends cyber security seminars and relevant events. Continually evaluates these trends against existing solutions proactively.
* Keeps apprised of changing laws and regulations governing data security and their relevance to the business.
* Establish, manage and maintain security partner and vendor relationships and/or engagements
* Develops and implements cyber security awareness programs and training for the organization; anti-phishing campaigns, end-user training and education working and other PSAs.
* Assesses vulnerabilities and manages mitigation and remediation efforts with internal teams and external partners.
* Ensures information is disseminated amongst other IT Managers and the department at large
* Actively seeks collaboration across individuals, teams and managers.
* Establish and maintain relationships with internal and external stakeholders
* Establish and maintain peer relationships both internal and external to our department to keep in touch with our business operations and understand impacts of security practices.
* Advises IT and business leadership on security matters and works to dovetail security roadmaps and minimize risk in line with strategic initiatives.

What does it take to work for Clean Harbors?

* 5-10 years of experience in Information Security.
* Bachelor's degree in Information Technology, Cyber Security or related field.
* Excellent written and oral communication skills, ability to communicate clearly at all levels internally and with vendors, partners and external auditors.
* Extremely organized individual with the ability to multi-task and coordinate parallel tasks, projects and initiatives
* Expert level knowledge of MS Office suite of applications; Excel, Word, PowerPoint, Visio
* Regulatory audit / IT audit experience preferred (SOX, PCI, HIPAA, and GDPR)
* Industry certifications in cyber-security or related preferred: (e.g. Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), CompTIA Security+, Certified Ethical Hacker (CEH) or related)
* Must have in depth knowledge of and experience implementing and maintaining security frameworks such as NIST, PCI DSS, ISO 27001/27002, and CIS. NIST is highly preferred.
* IT Systems/Networking experience and/or industry certifications highly preferred (CCENT/CCNA/MCSE)
* Ability to work in a fast paced and high pressure environment and balance priorities effectively.
* Demonstrated ability to develop plans that meet the architecture/technology needs of the organization while incorporating strategy, business priorities, goals, emerging technologies, industry trends, and economic viability.
* Ability to present ideas in context, which can be understood by technical, business and non-IT users
* Excellent problem solving and critical thinking skills; solution focused individual
* Ability to manage conflict and engage in compromise with others
* Self-motivated individual with a DevOps mindset for continuous improvement.
* Ability to manage complex projects, motivate people and drive forward project and department goals
* Experience creating detailed documentation for internal and external audit review
* Hand-on, roll-up-the-sleeves personality able to step-in directly to ensure delivery and execution
* Work experience with a public company with revenues above 500M, multiple office locations and an employee base of over 2,500 preferred

Join our team today! To learn more about our company, and to apply online for this exciting opportunity, visit us at www.cleanharbors.com/careers

Clean Harbors is the leading provider of environmental, energy and industrial services throughout the United States, Canada, Mexico and Puerto Rico. Everywhere industry meets environment, Clean Harbors is one-site, providing premier environmental, energy and industrial services. We are solving tough problems through innovation and proven methodology - come be part of the solution with us.

* CHP

#LI-MC1