Rubris Inc.

IT Security Manager

Rubris Inc.

full-time

Posted on:

Location Type: Remote

Location: United States

Visit company website

Explore more

AI Apply
Apply

Tech Stack

Cyber Security

About the role

  • Manage certification frameworks, including CMMC, NIST, and SOC 2
  • Assist the Company to successfully achieve compliance with applicable security certifications
  • Develop, track, and maintain security and compliance policy documents
  • Build and maintain controls documentation aligned with multiple compliance frameworks and standards
  • Ensure ongoing compliance with the Company’s information security policies and procedures and ensure controls are implemented
  • Develop IT security standards, best-practice implementations, and systems to ensure enterprise information system security
  • Identify acceptable levels of risk and establish roles and responsibilities for information classification and protection
  • Maintain security policies and procedures
  • Evaluate risk and develop security standards, procedures, and controls with a mindset of continuous process improvement
  • Analyze and review system configurations for security vulnerabilities
  • Monitor Company security vulnerabilities
  • Assist with remediation of escalated incident tickets and review completed tickets for accuracy and sufficiency
  • Conduct vendor security assessments and support the Company’s vendor management program
  • Coordinate security and compliance technology development requests
  • Coordinate with external IT service providers on security and compliance matters, including device configuration, application management, and security updates
  • Attend Security Committee meetings and draft meeting minutes
  • Coordinate Security Committee meetings and maintain records of activities
  • Communicate cybersecurity risks to senior management through reports, presentations, metrics, and documentation
  • Conduct security awareness training and assist with publishing security bulletins and advisories
  • Design and conduct testing of data security controls, including simulated events and phishing exercises
  • Provide security guidance and training to Company employees
  • Provide security guidance for IT projects, including evaluation and recommendation of technical controls

Requirements

  • Bachelor's degree or equivalent and 5-8 years of experience in IT security, information security, or cybersecurity required
  • Previous experiencing managing this function within a fully remote company preferable
  • Ability to work independently and with a self-directed mindset of ownership of this function is critical to success
  • Hands-on experience with CMMC, NIST, and/or SOC 2 compliance
  • Experience developing and maintaining security policies, procedures, and controls documentation
  • Knowledge of risk assessment, vulnerability management, and incident response support
  • Ability to communicate security risks and requirements to technical and non-technical stakeholders
Benefits
  • 100% remote work (MacBook Pro provided)
  • Fully paid premiums for employee medical, dental, and vision insurance
  • Annual paid time off (PTO) plus 11 paid holidays
  • 401(k) plan with employer contribution that is 100% vested
  • Opportunities to advance, develop, and make an impact as part of a growing company
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
CMMCNISTSOC 2security policiesrisk assessmentvulnerability managementincident responsesecurity controlscompliance documentationdata security testing
Soft Skills
independent workself-directedcommunicationownershiptrainingpresentationdocumentationcollaborationprocess improvementanalytical thinking
Certifications
Bachelor's degree