Cold Spring Harbor Laboratory (CSHL) is a leading research and educational institution dedicated to exploring fundamental molecular biology and genetics. We are seeking a talented cybersecurity professional to join our dynamic team as the Cybersecurity Manager. The Manager of Cybersecurity is responsible for overseeing the daily operations of the Laboratory's IT protective services, encompassing risk management, engineering, analysis, and investigations. This role requires close collaboration with the Laboratory's faculty, the director of facility security, departmental heads, staff, and external service firms to ensure the confidentiality, integrity, and accessibility of Laboratory systems and networks.

The Manager of Cybersecurity leads efforts to enhance the Security Information and Event Management (SIEM) capabilities. Responsibilities include prototyping, configuring, troubleshooting, and maintaining a wide array of security-focused services, products, and equipment that provide technical and administrative controls. Additionally, the Manager of Cybersecurity recommends products or services that best align with the Laboratory's cybersecurity needs.

Protect, Analyze, and Defend:

• Develop unique cyber indicators to maintain constant awareness of the highly dynamic operating environment. Collect, process, analyze, and disseminate cyber warning assessments.
• Utilize data from various cyber defense SIEM tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events within the environment and mitigate threats.
• Test, implement, deploy, maintain, and administer the infrastructure hardware and software, either independently or through collaboration with staff, consultants, or managed services.
• Identify, collect, examine, and preserve evidence using controlled and documented analytical and investigative techniques. Investigate, analyze, and respond to cyber incidents within the network environment or technology services enclave.

• Design enterprise and systems security throughout the systems development lifecycle, translating technology and environmental conditions (e.g., laws and regulations) into security designs and processes.
• Conduct software and systems engineering and research to develop new capabilities, ensuring cybersecurity is fully integrated. Conduct comprehensive technology research to evaluate potential vulnerabilities in cybersecurity systems.
• Examine data from multiple disparate sources to provide new insights. Design and implement custom algorithms, flow processes, and layouts for complex, enterprise-scale data sets used for modeling, data mining, and research purposes.
• Manage and administer processes and tools that enable the organization to identify, document, and access intellectual capital and information content.

• Draft, propose, and maintain cybersecurity policies and procedures.
• Maintain and annually update the cybersecurity risk register.
• Monitor routine vulnerability analysis and initiate remedial activities, tracking to completion and/or management acceptance of residual risk.
• Maintain, test, and update IT business continuity plans and disaster recovery plans.
• Conduct prospective evaluations of all technology and IT services to confirm alignment with research requirements and update as needed, communicating status as necessary.

EDUCATION:

• Undergraduate degree in a related field (Master's preferred).
• Certification(s) in one or more of the following areas: GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), CISA: Certified Information Security Auditor, CEH: Certified Ethical Hacker, CISM: Certified Information Security Manager, or CompTIA Security+.

• Minimum of 6 years of professional IT experience, working hands-on in a complex, outsourced, enterprise-level technology infrastructure. Experience working with scientific researchers and/or academic faculty preferred.
• Experience with a hybrid cloud environment (integrating on-premise technology with hosted cloud environments) preferred.
• Operations experience in IT security management, familiarity with SOC2 Type I and II, NIST, ISO27001 security frameworks, and similar standards.

• Proficiency in platforms, systems, applications, and network hardware including Azure, Windows Server, Active Directory, Exchange, and Office365; Palo Alto, Fortinet; Linux/CentOS; TCP/IP; firewall and systems security; network and system monitoring/logging; network switching and routing; business continuity and disaster recovery.
• Strong interpersonal communication skills (oral and written) with the ability to convey complex problems and solutions accurately, precisely, and succinctly..

How to Apply:
Join us at CSHL and become a pivotal part of our mission in cybersecurity. At CSHL, we are at the forefront of safeguarding critical scientific data and infrastructure at the intersection of cutting-edge research. Your expertise and dedication will play a crucial role in ensuring the security and integrity of our systems, enabling groundbreaking discoveries and advancements in cancer research. We invite your to submit an online application here Cybersecurity Manager Position ID 1171 We look forward to reviewing your application.Environment
Cold Spring Harbor Laboratory is a world-renowned biomedical research institution in New York. It has shaped contemporary biomedical research and is the home of eight Nobel Prize laureates. Cold Spring Harbor Laboratory provides a highly dynamic and interactive research environment and also a unique opportunity of timely exposure to advances in various biomedical research fields and of interaction with a broad range of researchers from all over the world through its renowned Meetings and Courses program. We believe that science is for everyone. We have had researchers with a variety of backgrounds and believe in the importance of diversity, equity, and inclusion.Compensation and Benefits
Our employees are compensated in many ways for their contributions to our mission, including competitive pay, exceptional health benefits, retirement plans, time off, and a range of recognition and wellness programs. Visit our CSHL Benefits sites to learn more. The salary range for this role is $140,000 - $170,000. The salary range and/or hourly rate listed is a good faith determination of potential base compensation that may be offered to a successful applicant for this position at the time of this job advertisement and may be modified in the future. When determining a base salary and/or rate, several factors may be considered as applicable (e.g., years of relevant experience, education, credentials, and internal equity).
CSHL is an EO/AA Employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status. VEVRAA Federal Contractor