Sr. Manager Cybersecurity

The Sr. Manager of Cybersecurity is responsible for developing and executing the organization's cybersecurity strategy across multiple business units and locations. This role provides leadership and direction for all aspects of cybersecurity—including strategy, risk management, compliance, operations, and awareness—to protect the confidentiality, integrity, and availability of company information assets. The position requires strong technical expertise, strategic thinking, and the ability to lead cross-functional teams while communicating effectively with executives and external stakeholders.

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field; Master's degree preferred.
• 10+ years of progressive experience in information security or related fields, including at least 5 years in a senior leadership role.
• Certifications: CISSP, CISM, CISA, CEH, or equivalent required; additional credentials (e.g., CRISC, CCSP) a plus.
• Deep understanding of network security, cloud security, identity management, and incident response.
• Proven experience managing cybersecurity programs across multiple business units or global sites.
• Excellent leadership, communication, and stakeholder management skills.

Key Responsibilities:

1. Strategy and Policy

• Clarify objectives and roles, understanding business goals, processes, risk profile, compliance requirements and how security impacts these for strategic alignment.
• Assess current capabilities, evaluate the existing team's strengths and weaknesses regarding technical skills and operational functions such as monitoring, detection and incident response.
• Balance security automaton with a human-centric approach, invest in people who can thing critically, adapt and see patterns that automated system may miss.
• Strategy and governance, develop a clear security charter and program, establish governance, conduct risk assessments, build and manage compliance frameworks.

1. Risk Management

• Identify, assess, and mitigate cyber and technology risks across the enterprise.
• Partner with IT, operations, and procurement teams to evaluate new projects, vendors, and technologies from a security perspective.
• Maintain and update the enterprise risk register related to cybersecurity.

1. Incident Response and Resilience

• Lead the development, testing, and execution of incident response, disaster recovery, and business continuity plans.
• Serve as the incident commander during cybersecurity events, coordinating internal response and external communications.
• Conduct post-incident reviews and drive continuous improvement.

1. Compliance and Audits

• Ensure compliance with relevant regulatory frameworks (e.g., GDPR, HIPAA, SOC 2, ISO 27001, NIST, CMMC).
• Oversee external and internal security audits, assess findings, and lead remediation efforts.
• Maintain documentation and evidence required for certifications and audits.

1. Security Operations

• Oversee daily security operations including identity and access management, vulnerability management, and threat detection/response.
• Integrate and optimize security tools and technologies such as SIEM, EDR, firewalls, and data loss prevention systems.
• Monitor and report on the security posture across all sites.

1. Team Leadership

• Lead, mentor, and develop security engineers and analysts across multiple sites.
• Build a security-aware culture throughout the organization.
• Plan staffing, budgeting, and professional development for the cybersecurity function.

1. Employee Education and Awareness

• Design and implement security awareness training programs for all employees.
• Promote cybersecurity best practices to reduce human-factor risks.
• Conduct regular phishing simulations and awareness campaigns.
• Invest in professional development of security and technical staff, including mentorship with senior members to transfer institutional knowledge and identify future leaders.

1. Executive and Board Communication

• Regularly brief the CEO, Board of Directors, and senior executives on cybersecurity risks, initiatives, and metrics.
• Develop and present risk assessments, investment proposals, and incident reports.
• Collaborate with external partners, industry groups, and regulatory agencies to align best practices.

Work Environment:

• This position operates in a global, multi-site manufacturing and technology environment.
• Periodic travel to domestic and international locations may be required.
• Sitting or standing for long periods of time.

#NHB123

#NHBBC

New Hampshire Ball Bearings, Inc. (NHBB) is a leading manufacturer of precision bearings and complex bearing assemblies for the aerospace, defense, medical, dental, and high technology markets. Founded in Peterborough, NH in 1946, our almost 8 decades of success are rooted in our commitment to the safety, health and wellness of our employees, and partnerships with our customers, suppliers and the communities that surround us.

NHBB's Precision Division is based in the western corner of the San Fernando Valley surrounded by the Santa Susanna Mountains to the west and Los Angeles to the east.

We are always on the lookout for outstanding individuals with a strong work ethic, creative spirit and positive attitude. If you have what it takes to be successful and our NHBB Values speak to you, apply now.