​About the Role

The Manager, Cybersecurity will lead the day-to-day cybersecurity activities of WCB, while managing and mentoring a technical security team. This role is responsible for overseeing a team of cybersecurity professionals, third-party security monitoring services, operational security functions, and ensuring effective detection, response, reporting, and continuous improvement of the organization’s cybersecurity posture.

The manager will work closely with internal and external partners and vendors, contribute to projects and operational initiatives, and provide clear, actionable reporting to management on all cybersecurity activities.

Cybersecurity Operations & Oversight

•    Manage and oversee daily cybersecurity operations, ensuring effective monitoring, detection, response, and remediation of security incidents.
•    Act as the primary operational lead for the third-party security alert monitoring (SOC/MDR) service, including alert triage, escalation, review, and service performance management.
•    Oversee vulnerability management activities, including scanning, prioritization, remediation tracking, and reporting.
•    Coordinate security awareness training and phishing campaigns
•    Oversee incident response and disaster recovery plans, ensuring accuracy and coordinating actions during security breaches.

Team Leadership & People Management

•    Lead, mentor, and develop the cybersecurity team, fostering a collaborative and operationally effective security culture.
•    Assign work, set priorities, and ensure appropriate coverage for daily security operations.
•    Provide coaching, manage performance and performance feedback, and support professional development.

Technology & Platform Ownership

•    Oversee Microsoft security technologies, including Microsoft Sentinel and Microsoft Defender.
•    Ensure effective security controls across the Microsoft 365 environment.
•    Maintain operational alignment with security best practices and organizational risk tolerance.

Governance, Risk & Frameworks

•    Apply and operationalize industry frameworks, including NIST CSF 2.0, ISO 27001, SOC2, and Enterprise Risk Management (ERM) practices.
•    Support risk assessments, control mapping, and ongoing risk tracking.
•    Contribute to the development, maintenance, and execution of cybersecurity policies, standards, procedures, and resilience strategies, including incident response and disaster recovery capabilities.

Reporting & Communication

•    Prepare and update cybersecurity reports for management, covering metrics, incidents, risks, trends, and remediation efforts.
•    Assist with the coordination and response to security assessments penetration testing, audit findings, and vulnerability testing
•    Communicate security posture, risks, and incidents clearly to both technical and non-technical partners.

Collaboration & Vendor Engagement

•    Actively participate in project and operational meetings, providing cybersecurity input and guidance.
•    Serve as the primary point of contact for cybersecurity vendors and service providers.
•    Evaluate vendor performance and support security-related procurement and renewals.

Your Experience & Skills

•    A Bachelor’s degree in Cybersecurity, Information Security, Computer Science, Information Technology, or a related field
•    A minimum of 5 years’ related experience in cybersecurity operations; three of which involved demonstrated experience in a leadership capacity or role. 
•    Possession of CISSP or CISM designation (active and in good standing)

The manager should have demonstrated knowledge and practical application in most of the following areas:

Technical Skills
•    NIST Cybersecurity Framework (CSF) 2.0
•    SOC2
•    Technical expertise in IT security architecture, network architecture, firewalls, intrusion detection and prevention systems, and multiple operating systems
•    Microsoft Purview & Data Loss Prevention (DLP)
•    Microsoft Sentinel
•    Microsoft Defender
•    AWS and Microsoft 365 environments 
•    Vulnerability management programs (Tenable, Qualys)
•    Experience working with third-party security monitoring or managed detection and response services.
•    Strong communication, partner management, and reporting skills.
•    Experience in incident response and threat hunting activities.
•    Monitor compliance with security policies and regulatory requirements.
•    Experience supporting security initiatives within complex organizations.
•    Understanding of cloud security concepts beyond Microsoft 365.

Interpersonal Skills
•    Strong leadership and ownership mindset
•    Excellent communication and presentation still with technical resources, business partners, and executive leadership
•    Ability to manage competing priorities and drive outcomes