Cybersecurity Compliance Manager
$140,000 - $170,000/Yr
The Pasha Group - San Rafael, CA
posted 19 days ago
Full-time - Mid Level
San Rafael, CA
Support Activities for Transportation
About the position
The Cybersecurity Compliance Manager at The Pasha Group is responsible for developing, implementing, and monitoring enterprise cybersecurity compliance programs to ensure adherence to various cybersecurity standards and regulations. This role focuses on operational resiliency and compliance with frameworks such as ISO, NIST, CMMC, and DFARS, while also addressing industry regulations like USCG and IMO. The manager will collaborate with various teams to implement necessary changes, conduct risk assessments, and deliver training related to compliance requirements.
Responsibilities
- Develop, implement, manage, and monitor cybersecurity compliance programs in line with industry standards.
- Continuously monitor the organization's cybersecurity practices to ensure compliance with relevant frameworks and regulations.
- Facilitate the implementation of corrective actions and improvements across the organization.
- Conduct regular cybersecurity risk assessments on vessels, shore-based systems, and supply chain operations.
- Collaborate with business unit leadership teams to identify vulnerabilities and recommend action plans.
- Create and maintain cybersecurity policies, incident response plans, and disaster recovery procedures.
- Align cybersecurity initiatives with broader organizational goals and operational needs.
- Work closely with IT, Legal, HR, ESG, and other departments to address compliance issues.
- Monitor implementation and adherence of best practices onboard vessels and in operational facilities.
- Evaluate and monitor third-party vendors and contractors for cybersecurity compliance.
- Respond to cybersecurity assessments and questionnaires as required by government agencies and auditors.
- Ensure timely and accurate communication and reporting to regulatory authorities.
Requirements
- Bachelor's degree in Cybersecurity, Information Technology, or related field required.
- Master's degree in a related field preferred.
- Certified Information Systems Security Professional (CISSP) or similar certification required.
- Transportation Worker Identification Credential (TWIC) required.
- 5+ years of related Cybersecurity compliance experience required.
- 5+ years experience with IT control frameworks, such as NIST-CSF, NIST 800-171, ISO27001, and PCI preferred.
- Experience in the transportation/shipping industry strongly preferred.
- Demonstrated knowledge of cybersecurity, compliance, and IT audit requirements.
Nice-to-haves
- Experience with US Coast Guard cybersecurity requirements for vessels and facilities preferred.
- Knowledge of maritime industry security regulations and frameworks.
Benefits
- Annual Incentive Opportunity: 10% of eligible compensation based on performance.
- Participation in an Incentive Plan.
