Sr. Manager, IT Security

The Sr. Manager/Director of IT Security is responsible for developing and leading the organization’s Cybersecurity function. This role will oversee at least one direct report and will be tasked with building a strong and sustainable security program.

Key responsibilities include defining and executing the IT Security strategy, managing the company’s online security awareness program, ensuring compliance with applicable standards, and maintaining the confidentiality, integrity, and availability of company systems and data. The Sr. Manager/Director will also lead risk management efforts, including penetration testing, remediation, and incident response planning. Additionally, this role manages the relationship with PPC’s third-party Security Operations Center (SOC) provider to research and implement recommendations to strengthen PPC’s overall security posture, practices and responsiveness to threats. The ideal candidate will combine strategic oversight with hands-on technical expertise to safeguard people, assets, and data across the enterprise.

Security Strategy & Development

• Develop and oversee a comprehensive security strategy that integrates cybersecurity and risk management programs while ensuring alignment with business objectives and regulatory requirements.
• Manage and mature the organization’s cybersecurity posture, including endpoint, network, and cloud security.
• Administer and optimize security technologies including Microsoft Defender for Endpoint / Defender for Cloud, Azure Security Center, Okta / Azure AD for Identity & Access Management, etc.
• Lead the development and execution of the security awareness program to promote a security culture
• Provide leadership to ensure the confidentiality, integrity, and availability of company systems and data
  
  

Risk Management & Compliance

• Conduct routine penetration testing and security audits, coordinating timely remediation and mitigation of identified vulnerabilities. Ensure compliance with relevant frameworks and standards
• Ensure adherence to cybersecurity frameworks and standards (e.g., NIST, CMMC, etc.) to maintain regulatory compliance.
• Oversee incident response planning and execution, including investigations, documentation, and corrective actions
• Perform risk assessments and vulnerability analyses to proactively identify threats.
• Provide executive reporting on risk posture, audit findings, and key security metrics.
  
  

Security Operations & Vendor Management

• Manage relationships with third-party Security Operations Center (SOC) providers ensuring alignment with organizational cybersecurity goals.
• Implement SOC recommendations to enhance threat detection, response capabilities, and overall security posture.
• Oversee monitoring and detection systems to ensure timely identification and response to security threats
  
  

Safety/Hazard Recognition & Elimination

• Pre-plan and identify the methods to eliminate hazards daily by work task.
• Execute skill in observing habits and hazards of others and bringing it to their attention.
• Uphold safety as the most important goal of our company. Support goal of achieving zero accidents.
• Promote and encourage open communication between field and office regarding all safety concerns, suggestions, improvements, and PPE needed.
• Obtain safety training as expected by all company personnel.
  
  

Qualifications

• 8+ years of experience in IT Security or Cybersecurity with at least 2-years in a leadership capacity
• Bachelor’s degree in Information Technology, Cybersecurity, or related field (or equivalent professional experience)
• Strong knowledge of cybersecurity frameworks, threat intelligence, and risk management.
• Experience with cloud security (e.g., AWS, Azure), network security, and identity and access management solutions.
• Proven ability to manage third-party SOC relationships and implement security recommendations.
• Strong understanding of network, system, and application security principles
• Proficient in security monitoring, threat detection, incident response, and risk assessment tools
• Knowledge of data privacy laws, compliance frameworks, and cybersecurity standards
• Ability to operte both strategically and hands-on in a fast-paced environment
• Excellent analytical, problem-solving, and organizational skills
• Experience with Trend Antivirus a plus
• Experience with Arctic Wolf a plus
• Experience with KnowBe4 a plus
• Knowledge of CMMC certification process a plus
  
  

PPC Partners is an Equal Opportunity Employer