Assistant Manager, Cybersecurity Architecture & Governance

Requirements

• Minimum 10-12 years of experience in cybersecurity, information security, cyber risk, or incident response roles.
• Proven exp

Additional Information

We value our people and encourage everyone to grow professionally. If you think this opportunity is right for you, we encourage you to apply! Job Description: 1. Cybersecurity Architecture Governance, Strategy & Delivery Govern enterprise cybersecurity architecture standards, principles, and reference architectures across IT, OT, and cloud environments. Provide decision authority on security architecture designs, control implementations, and cybersecurity technology selections. Ensure all-digital, infrastructure, and OT initiatives comply with approved cybersecurity architecture, policies, frameworks, and regulatory requirements. Lead enterprise cybersecurity initiatives and transformation programs from planning through delivery, ensuring alignment with architecture, risk, and compliance objectives. Own the evaluation, procurement, deployment, and lifecycle governance of enterprise cybersecurity technologies, not limited to: Endpoint and network security solutions Zero Trust Architecture (ZTA) and Secure Access controls Data Leak / Data Loss Prevention (DLP) Mobile and Cloud Security platforms Define and maintain cybersecurity technology standards, configuration baselines, and system hardening requirements. Provide governance oversight to cross‑functional teams (IT, OT, Operations, Risk, Compliance, Vendors) Ensure cybersecurity initiatives are delivered within approved scope, timeline, and budget, with appropriate risk management and executive reporting. 2. Cyber Risk Management, Compliance & Assurance Own and govern the enterprise cyber risk management framework, including risk identification, assessment, prioritization, treatment, and reporting. Provide decision authority on cyber risk acceptance, compensating controls, and escalation to senior management. Ensure timely remediation of high‑risk vulnerabilities, audit findings, and penetration test results. Oversee compliance with applicable cybersecurity regulations, standards, and frameworks (e.g., ISO 27001, NIST, CIS Controls, GDPR, and local regulatory requirements). Act as a senior liaison for cybersecurity audits, regulatory inspections, and independent assessments. Provide executive‑level reporting on cybersecurity risk posture, control effectiveness, and program maturity. Ensure appropriate documentation, approvals, and audit trails for cybersecurity initiatives and risk decisions. 3. Cyber Analytics, Threat Intelligence & Investigation Oversight Provide governance and oversight for enterprise cyber analytics, threat detection, and investigation capabilities. Oversee the use of SIEM, security analytics, threat intelligence, and monitoring platforms to ensure effective detection of cyber threats and anomalous activities. Guide and review cybersecurity incident investigations, including root cause analysis, impact assessment, and containment strategies. Ensure cyber investigations follow approved procedures, legal, regulatory, and evidentiary requirements. Review investigation outcomes, lessons learned, and corrective actions to strengthen preventive and detective controls. Coordinate with internal stakeholders (IT, Legal, Risk, HR, Compliance) and external parties where required for major cyber incidents. Provide executive‑level reporting on significant cyber incidents, investigation outcomes, and risk implications. 4. Leadership, Stakeholder & Vendor Management Provide leadership and direction to cybersecurity engineering, operations, analytics, and investigation teams. Act as a senior cybersecurity advisor to business leaders, technology leadership, and operational teams. Drive consistent adoption of cybersecurity governance, accountability, and incident response discipline across the organization. Manage strategic relationships with cybersecurity vendors and Managed Security Service Providers (MSSP). Monitor vendor performance, SLA, KPI, and service quality, ensuring value realization and risk management. Champion a strong cybersecurity culture and risk‑aware mindset across IT, OT, and business units. 5. Strategic Planning & Continuous Improvement Monitor emerging cyber threats, threat actor trends, regulatory developments, and technology advancements impacting IT, OT, and cloud environments. Define and maintain the enterprise cybersecurity roadmap aligned with business strategy and digital transformation. Recommend and lead initiatives to enhance cybersecurity maturity, resilience, detection, investigation, and response effectiveness. Support long‑term cybersecurity capability planning, investment prioritization, and technology modernization. Ideal Candidate Education & Certification Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field. Professional certifications are strongly preferred (e.g., CISSP, CISM, CCSP, CISA, ISO 27001 Lead Implementer/Lead Auditor).

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at sdguthrie? Share your experience