Job Description:Location: 100% remote, must live in Central or Eastern Region
Salary Range: $150,000 - $165,000
Company Overview
Performing over 80 million locates annually, USIC is the most trusted name in underground utility damage prevention. USIC also provides a full suite of utility services throughout North America. Our Mission: to deliver quality, efficient, safe, and innovative solutions to protect our partners’ infrastructure and critical assets. Our Culture is known as Living the SAFE-LIFE: Protecting Infrastructure, Protecting Our Communities, Protecting Ourselves.
Summary
The Cybersecurity Manager is a senior role responsible for leading, maturing, and hands-on execution of the organization’s information security program. Operating across a large enterprise environment of 2,500–10,000 employees in a hybrid cloud/on-premise landscape, this individual will serve as both a strategic program leader and a working technical practitioner. With one direct report, the Cybersecurity Manager must be capable of operating independently, driving security initiatives end-to-end, and building a scalable security function aligned to industry best practices including NIST CSF, CIS Controls, and ISO 27001.
Responsibilities
Own and mature the organization’s information security program and policy framework
Lead risk assessments and maintain the enterprise risk register with remediation tracking
Develop and enforce security policies, standards, and procedures aligned to NIST CSF and CIS Controls
Report security posture, risk trends, and program metrics to senior leadership and stakeholders
Manage internal and external audit engagements related to cybersecurity
Oversee day-to-day security monitoring across SIEM, EDR, and network detection tooling
Define detection and alerting strategies; tune rules to reduce false positives
Review and triage escalated alerts; serve as a hands-on analyst when needed
Maintain and improve SOC playbooks, runbooks, and escalation procedures
Serve as the Incident Response lead for all cybersecurity events and breaches
Develop, maintain, and exercise the Incident Response Plan (IRP) and associated playbooks
Coordinate cross-functional response with IT, Legal, HR, and Executive leadership
Conduct post-incident reviews and drive remediation of identified gaps
Oversee security architecture reviews for on-premise and cloud environments (AWS, Azure, or GCP)
Ensure security-by-design principles are applied to infrastructure changes and new deployments
Manage vulnerability management program including scanning, prioritization, and remediation tracking
Partner with IT and DevOps teams to embed security controls into the SDLC and cloud pipelines
Govern IAM strategy including role-based access control (RBAC), least privilege, and access reviews
Oversee MFA, SSO, and privileged access management (PAM) implementations
Conduct and manage periodic user access certifications across enterprise systems
Partner with HR and IT on joiner/mover/leaver lifecycle processes
Manage and mentor one direct report (Cybersecurity Analyst / Engineer)
Define team priorities, manage workload distribution, and conduct performance reviews
Build and maintain a multi-year cybersecurity roadmap aligned to organizational risk appetite
Manage security tool stack, vendor relationships, and departmental budget
Requirements
7+ years of experience in cybersecurity, with at least 2 years in a lead or management capacity
Demonstrated hands-on experience across two or more security domains (GRC, SOC, IR, Cloud Security, IAM, TPRM)
Proficiency with SIEM platforms (e.g., Splunk, Microsoft Sentinel, QRadar)
Experience with vulnerability management tools (e.g., Tenable, Qualys, Rapid7)
Working knowledge of cloud security in AWS, Azure, or GCP hybrid environments
Strong understanding of security frameworks: NIST CSF, CIS Controls, ISO 27001
Proven ability to lead incident response engagements end-to-end
Excellent written and verbal communication skills; ability to present to executive stakeholders
CISSP, CISM, CISA, or equivalent industry certification, preferred
Experience building or significantly maturing a security program
Familiarity with GRC platforms (e.g., ServiceNow GRC, Archer, OneTrust)
Experience with PAM tooling (e.g., CyberArk, BeyondTrust)
Background in a large enterprise environment (2,500+ employees)
We are an Equal Opportunity Employer. Veterans are encouraged to apply.