Privacy and Data Security Manager

SummaryThe Privacy and Data Security Manager is responsible for developing, executing, and monitoring comprehensive cybersecurity and IT risk management programs. This position provides the vision and leadership to manage the firm's risk. Additionally, it will ensure the security operations, governance, compliance, and audit of critical business operations to meet and exceed the company's objectives. Must be able to work onsite in New Haven, Hartford, or Stamford CTJob DutiesThe following are essential job duties and responsibilities of the Privacy and Data Security Manager. This list is not exhaustive, and other duties may be assigned as necessary.Evaluate potential security breaches, coordinate response, and recommend corrective actions.Create a company-wide security strategy that includes training, testing of security, and measures for continuous improvement.Evaluates new cybersecurity threats and IT trends and develops effective security controls. Oversees the development of security awareness programs.Develop and oversee effective disaster recovery policies and standards that align with the company's business continuity management program goals. Coordinate the development of implementation plans and procedures to ensure business-critical services are recovered in the event of disasters or other incidents, and provide direction, support, and in-house consulting in these areas.Collaborate with and mentor the technology team, sharing knowledge and ultimately developing more sound and secure solutions.Work with C Suite and leadership to ensure business initiatives align with cybersecurity initiatives.Respond to cybersecurity audits and questionnaires from clients.Create and maintain cybersecurity policies.RequirementsEducation: Bachelor's degree in Computer Science, Management Information Systems and/or commensurate years of experience.Experience: 5+ years of experience managing a cybersecurity team with the continued growth Knowledge/Skills and Abilities:Proven background implementing NIST-inspired Cyber Security Framework.Experience in handling security incidents.Strong knowledge of compliance standards such as HIPAA, GDPR, GLBA and NIST 800-171. Standards.Experience in reviewing the security stance of new technologies. Knowledge of Connecticut and New York privacy policies.Experience developing a collaborative environment (i.e., increasing the security program/awareness laterally, downward, upward, and externally).Experience managing a multi-site/distributed "blended" team consisting of in-house members and various Managed Service Providers (MSPs).Strong knowledge of information security technologies, LAN/WAN including firewall, intrusion detection, assessment tools, encryption, certificate authority, web, and application development.Experience implementing security processes and protocols in a technically diverse environment consisting of but not limited to Microsoft 365, firewalls, and various cloud applications.Experience in managing third party risk management programs. Preferred Skills: Certifications in Security and Compliance (and/or actively pursuing) (Certified Information Systems Security Professional (CISSP) or Certified Information Systems Manager (CISM).Ability to travel to all offices as required.Essential Physical/Mental DemandsAbility to sit for extended period of time.Ability to keyboard for extended period of time.Ability to deal with stress due to workload pressures.

Created: 2025-06-15