Cybersecurity Program Manager/Analyst
Kito Crosby is the world leader in the heavy lift and securement industry. We set the standard for quality, training, and technical expertise in the field. It’s our goal to exceed the expectations of our customers through technical leadership, innovative solutions, vertically integrated manufacturing, premier use of support, and a value-added distribution channel.
We are committed to investing in and developing our employees’ talents and leadership and are currently seeking candidates for this position.
We offer a competitive compensation and benefits package that includes paid time off, medical, dental, vision, life and disability coverages, 401(k) with company match and 10 paid holidays annually.
As part of the Kito Crosby team, you will be supporting channel partners and end users around the world using Kito Crosby products in mission critical applications ranging from development of renewable power, space exploration, national defense, manufacturing and infrastructure development.
Job Summary:
We are seeking a highly skilled and proactive Cybersecurity Program Manager / Analyst to protect Kito Crosby’s digital assets, infrastructure, and data from cyber threats. The Cybersecurity Program Manager / Analyst will be responsible for identifying assessing our threat landscape, identifying gaps, developing technology roadmaps, writing policies/procedures, and deploying cyber capabilities to continuously monitoring systems, identifying vulnerabilities, responding to security incidents, and implementing security policies to maintain compliance with industry standards. The ideal candidate will stay ahead of emerging threats and ensure that all cybersecurity measures align with business objectives.
Key Responsibilities:
- Threat Management and Monitoring
- Monitor networks, systems, and applications for suspicious activity.
- Identify, analyze, and mitigate potential cyber threats and vulnerabilities.
- Conduct penetration testing and vulnerability assessments to assess system weaknesses.
- Incident Response and Recovery
- Lead incident response efforts, including investigation, containment, and remediation.
- Develop and update incident response playbooks and workflows.
- Perform forensic analysis during and after incidents to identify root causes.
- Security Policy Development and Compliance
- Develop and enforce security policies, procedures, and standards.
- Ensure compliance with industry regulations (e.g., GDPR, CCPA, NIST, CMMC, ISO 27001).
- Support security audits and maintain required documentation.
- Risk Assessment and Mitigation
- Conduct risk assessments to evaluate the impact of emerging technologies and third-party services.
- Implement security controls to mitigate identified risks and reduce the attack surface.
- Policies, Training and Awareness
- Determine and draft written policies as needed.
- Provide cybersecurity training and awareness programs for employees.
- Collaborate with other departments to promote secure practices across the organization.
- Security Tools and Technology Management
- Configure, maintain, and optimize security tools (e.g., firewalls, SIEM, IDS/IPS, endpoint protection).
- Stay updated on the latest cybersecurity technologies and trends.
- Evaluate and recommend new security solutions as needed.
- IoT segregation practices
Qualifications and Skills:
- Educational Requirements:
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field. Master’s degree is desirable. (Relevant experience may substitute for education.)
- Certifications (Preferred):
- CompTIA Security+, CEH (Certified Ethical Hacker), CISSP, CISM, or equivalent.
- Experience with frameworks such as NIST, ISO 27001, or CIS Controls and maturing organizational capabilities.
- PMP are highly desirable.
- Technical Skills:
- Proficiency in security tools (e.g., SIEM platforms, IDS/IPS, firewalls, antivirus software, EDR).
- Strong understanding of networking, system administration, and cloud security (AWS, Azure, etc.).
- Hands-on experience with penetration testing and threat intelligence platforms.
- Soft Skills:
- Analytical and problem-solving skills, marked by critical thinking and sound judgment.
- Excellent written and verbal communication skills, including the ability to convey complex information clearly and effectively to both technical and non-technical audiences across all organizational levels.
- Experienced in leading discussions and building solid, trustworthy relationships with executive leaders and various business stakeholders by building rapport, trust, and confidence towards internal/external audit.
- Ability to work independently and collaborate effectively in a team environment.
Experience:
- 7-10 years of experience in cybersecurity or a related field.
- A proven track record of creating multi-year technology roadmaps and successfully leading and managing complex global projects to realize business results.
- Proven ability to work cross functionally (with other IT Teams, Legal, HR and etc.) and to manage external vendor partners.
- Prior experience in a security operations center (SOC) or incident response team is a plus.
- Working in Manufacturing environments on a global scale.
Physical Demands/Environmental Conditions:
Normal Office conditions. Office located in a large manufacturing facility. Job demands may require long periods of sitting, telephone work, and/or computer work, as well as interaction with other people. Normal office conditions include walking, standing, bending, kneeling, climbing stairs, lifting, driving, and/or traveling. Moderate physical activity required by handling objects up to 50 pounds occasionally and/or up to 20 pounds frequently.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.