Manager, Cybersecurity Operations

See yourself at Odyssey.

Join the team as our new Manager, Cybersecurity Operations.

In This Role, You Will: 

• Implement and manage a comprehensive enterprise-wide cybersecurity policy program, including maintaining a document framework of policies, standards, and guidelines, including lifecycle governance of approval and publications.
• Develop, implement, and monitor our information security management system based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework.
• Act as an escalation point and provide work direction and technical assistance to analysts in the Cybersecurity Operations department. Take a hands-on role in mentoring, coaching, and developing other team members.
• Manage and oversee the deployment of cybersecurity tools, technology, and systems across the IT environments.
• Maintain the Cybersecurity Incident Response Team/Policy and lead an annual exercise to ensure there are no security gaps.
• Lead knowledge and simulation activities to include lunch and learns, small-form training (KnowBe4) and phishing simulations.  Measure and report on progress associated with cyberawareness.
• Lead the team to monitor security vulnerabilities and threats in our technology systems while anticipating new security threats by staying up to date with evolving technologies.
• Stay current in technology-specific information security risk management techniques, industry best practices, regulatory requirements, and specific areas of Information Security risk.
• Develop and implement a risk assessment framework to review and report information security risks.
• Measure and report on the effectiveness of cybersecurity policies, procedures, and controls to ensure agreement on the cyber strategy and strategic cyber goals by focusing on operational performance and quality outcomes.

Qualifications

We recognize not all applicants have every skill or qualification to match a job description exactly. Odyssey values diverse experiences in other industries, and we encourage everyone who meets most required qualifications to apply. While having “desired” qualifications make for a strong candidate, we encourage applicants with alternative experiences to also apply. We are always looking for people who will bring something new to the table!

• Minimum of 3-5 years of global experience in an information security management role including 5-7 years of information security experience as an individual contributor.
• Bachelor’s degree or advanced degree preferred, professional security management certification is required, such as Certified Information Systems Security Professional (CISSP), certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials.
• Experience leading, motivating, and developing a team of IT professionals, preferably in a SOC environment.
• Experience in asset and change management principles and practices.
• Knowledge of physical security, network and systems infrastructure, and security related tools such as whitelisting, IDS/IPS, anti-malware, patch management, baselining, SIEM, access control, and firewalls.
• Experience with GAP assessments, penetrations testing and techniques, and patch management.
• Knowledge of regulations, frameworks, and standards, including NIST, OWASP, CPRA, GDPR, and ISO. Monitor and report on new laws, regulations, industry standards, and requirements that may affect the organization.
• Knowledge of common information security management frameworks, such as ISO, ITIL, COBIT, and NIST, including the Cybersecurity Framework and 800-53.
• Experience with modern security tools in EDR/XDR (e.g. Crowdstrike), Vulnerability Management (e.g. Rapid7), Patch and Endpoint Management (e.g. Automox, Intune), Office 365 / Azure (e.g. Defender, Azure AD, Exchange), AWS, SIEM/External SOC/MDR (e.g. Arctic Wolf), Log Aggregation, Dynamic Code Scanning, EASM, Knowledge and Phishing (e.g. KnowBe4), and dynamic penetration testing.
• Strong ability to communicate information security and risk-related concepts to technical and non-technical audiences at various hierarchical levels, ranging from board members to technical specialists.

Location: This is a hybrid in-office role based in Gdańsk Oliwa, Poland.

We offer a generous compensation and benefits package including:

• Medical plan including dental and rehabilitation treatments;
• Lunch card; 
• Benefit points, incl. Multisport and vendor discounts;
• Hybrid work, 3 days of office presence per week;
• IT equipment for your working space at home.

No relocation allowance will be considered unless specifically addressed. All applicants must be currently authorized to work in Poland.

Odyssey is an equal opportunity employer. Qualified Applicants are considered for positions and are evaluated without regard to mental or physical disability, race, color, religion, gender, national origin, age, genetic information, military or veteran status, sexual orientation, marital status, or any other classification protected under applicable law.