Cyber Security Program Manager
Archdiocese of Boston
Braintree, MA
Job ID#: 2399173925
Posted: March 3, 2026
Expires: May 2, 2026
Category: Technology
Terms: Full-Time Employee
Experience: 2-5 Years
Education: Undergraduate Degree
Base Pay: Salary
Job Description
This is a full-time position that requires being at the Pastoral Center in Braintree several days a week.
SUMMARY: The Cyber Security Program Manager is principally responsible for the ITD security posture including technologies, policies, training, improvements, administration, oversight, etc. The position will require leadership in broad strategic planning activities, outreach, training and support, as well as hands-on technical tasks. This position requires working closely with ITD staff and vendors, as well as directly with employees both at the Pastoral Center and at remote office locations, including parishes.
This position reports to the CIO.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
Leadership:
• Develop and implement a broad and comprehensive security posture built on known standards, e.g., NIST Framework, CIS Controls, Zero Trust. As appropriate, communicate new standards and protocols to senior staff and others.
• Develop, document, and audit best practices in support of network, systems, services, and information security.
• Enhance existing information security policies. Develop new policies including at the intersection of information security and Artificial Intelligence (AI).
• Lead the parish cyber initiative, working closely with all stakeholders.
• Develop a comprehensive parish cyber training program.
• Establish and facilitate regular cyber training workshops.
• Oversee the regular third-party penetration and security audits. Evaluate results, develop and implement recommendations, improvements, and new technologies.
• Operate as the primary and principal respondent to compromise, including ransomware. Coordinate and oversee the response including managing a third-party cyber response team(s). Execute remediation and recovery protocols. Work with departments, groups and other Catholic entities to assist in recovery.
• Develop and foster working relationships with global providers of security related solutions and services. Negotiate contracts and agreements that best serve the archdiocese and its constituents.
Incident Response:
• Provide cyber incident tier 1 and tier 2 response and support at the Pastoral Center and at parishes.
• Respond rapidly to malware and hacking attempts. Manage the execution of response plans.
• Work as the Primary Point of Contact with third-party cyber response and forensic service providers.
• Respond to critical security related issues on a 24X7 basis. Be available by cellphone.
• Administer, maintain and test Disaster Recovery (DR) protocols, systems and solutions. Develop and document DR protocols and procedures.
Operations:
• Harden and ensure network and systems security and integrity protecting data and technology assets from loss, failure, and internal and external threats.
• Monitor and administer ITD security solutions and platforms.
• Identify internal and external threats and mitigate as appropriate.
• Ensure least privilege (Principle of Least Privilege) is being appropriately applied.
• Working closely with the Systems and Network Manager, monitor and respond to security alerts, quarantine suspicious emails, etc. Adjust systems rules and policies to maximize resilience to security threats that place resources and data at risk.
• Enhance and update the existing cyber-training materials and solutions.
• Review technical documentation including legal agreements, SOC reports, etc., as part of evaluating service providers.
• Administer and utilize portals for device management, security oversight, network monitoring, etc., with appropriate evaluation, response and escalation.
• Support, manage, and maintain firewall policies and rules.
• Ensure the physical security of the network including locking down publicly accessible spaces, monitoring network activity and responding to hostile activity and attacks.
• Provide support for building security including security cameras and door access systems.
• Provide technical support.
• Work within the ITD team and/or vendors, assisting with desktop/laptop/server and peripheral equipment deployments ensuring compliance with all security related policies and best practices.
Audits:
• Audit and ensure remote office locations are complying with best practices for systems and information management.
• Perform security audits and evaluations on existing servers, solutions and platforms including custom developed solutions.
• Perform routine penetration and security testing, and implement mitigation strategies.
• Perform routine data audits to secure PII and ensure data storage and use is compliant with all ITD policies and procedures. Identify and locate all PII ensuring users are appropriately trained in best practices to prevent data theft or loss.
• Audit SOC reports on an annual basis of all critical enterprise systems.
• As required, evaluate server patch requirements and ensure server patching is current.
• Perform regular user account audits.
Projects and Improvements:
• Evaluate and recommend security related products and services for use at the Pastoral Center as well as more broadly across the archdiocese.
• Create, lead and document projects in support of networks, systems and information security and controls.
• Implement comprehensive DLP policies and technologies.
• Other assigned duties, projects, and activities. Not all assigned ITD projects and activities will be solely security based or related.
QUALIFICATIONS:
To perform this job successfully, an individual must be able to perform each essential duty to an acceptable professional level. The requirements listed below are representative of the knowledge, skill, and/or ability required.
Education and Certification
• Bachelor's or Master's degree in the field of Information Technology, Computer Networking, Network and Systems Administration, Network Engineering, Computer Science, Information Sciences, Information Security, IT Project Management, or a similar related field.
• Certified Information Systems Security Professional (CISSP).
• Microsoft 365 Certified Fundamentals (MS-900), Microsoft Certified: Security Administrator Associate, Microsoft Certified: Enterprise Administrator Expert are a plus.
• Project Management Certification(s) such as PMP or CAPM is a plus.
General Knowledge and Experience
• Familiarity with industry standards regarding technology, data and information security and protection including SOC, ISO, PII, PCI, NIST Framework, etc.
• Demonstrated relevant work experience with all aspects of securing a complex network environment.
• Demonstrated ability to present, teach, and mentor small and large groups including technical and non-technical staff.
Technical Knowledge and Experience
• Seven years' prior experience in systems administration, network and application security and control.
• Expertise in various security related technologies and solutions.
• Azure and/or AWS and/or GCP.
• Microsoft Azure, Intune, Defender for Identity, Entra, Purview, Security, DLP.
Personal Attributes:
• Excellent organizational, communication, presentation, and teaching skills.
• Effectively and professionally interface with both technical and non-technical colleagues and staff.
• Able to work closely with a small group of professionals with specific areas of responsibility while assuming secondary support and backup roles.
• Self-starter, self-learner, self-motivated.
• Clearly and strongly demonstrates a sense of responsibility, ownership, and leadership.
PHYSICAL PERFORMANCE ELEMENTS:
• Ability to use a computer keyboard for up to 8 hours/day.
• Ability to access and discern needed information from equipment, tags, or service portals.
• Ability to sit for up to 8 hours/day.
• Ability to lift up to 50 pounds.
OTHER WORK REQUIREMENTS:
• Occasionally work evenings and weekends as required.
• Travel to remote offices including parish locations, for audits, training, and support activities.
• Business Casual attire.
Salary range $118,000 - $127,000 per year
To apply please send resume and cover letter to HR_Staffing@rcab.org.
The duties and requirements described above are representative of those encountered during performance of the essential functions of this job. Reasonable accommodation may be made to enable qualified individuals with disabilities to perform the essential functions.