Job Description

Grupo Ferré Rangel

It's fun to work in a company where people truly BELIEVE in what they're doing!

We're committed to bringing passion and customer focus to the business

The Cyber Security Manager position is a Full time, Regular position.

MAIN RESPONSIBILITIES
• Develop, implement, and maintain a comprehensive enterprise cybersecurity strategy aligned with business goals and risk tolerance.
• Define and enforce cybersecurity policies, procedures, and standards across the organization.
• Serve as a subject matter expert and advisor to senior leadership on cybersecurity matters.
• Monitor networks and systems for security breaches using specific tools and threat intelligence feeds.
• Lead investigations into security incidents and coordinate incident response and remediation efforts.
• Develop, maintain, and regularly test incident response, business continuity, and disaster recovery plans.
• Conduct regular cybersecurity risk assessments and gap analyses to identify vulnerabilities and threats.
• Ensure compliance with internal policies and external regulations.
• Coordinate third-party and internal audits and drive remediation activities.
• Evaluate, recommend, and oversee the implementation of security solutions such as firewalls, antivirus, DLP, IAM, MFA, and EDR.
• Partner with infrastructure and application teams to integrate security into system design and development.
• Manage security for cloud, hybrid, and on-premises environments.
• Lead, coach, and develop a team of cybersecurity analysts and engineers.
• Plan and manage security training and awareness campaigns for employees and contractors.
• Establish OKRs and metrics to track team performance and incident response effectiveness.
• Conduct security assessments of third-party vendors and service providers.
• Establish vendor security standards and ensure contractual security obligations are met.
• Collaborate with Finance and Legal to ensure security is built into contracts and SLAs.
• Stay up to date with emerging cyber threats, vulnerabilities, attack vectors, and mitigation techniques.
• Leverage threat intelligence to proactively adjust defense mechanisms.
• Participate in industry forums and security communities to benchmark and share best practices.
• Develop and manage the cybersecurity budget, resource allocation, and tool investments.
• Provide input into strategic planning for IT and business initiatives from a security perspective.
• Complies fully and consistently with the Company's standards, policies, and procedures and the local and federal laws applicable to our industry, business, and employment practices.
• May perform other duties and responsibilities as assigned, in accordance with the education and experience requirements contained in this document.

QUALIFICATIONS
• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field.
• 5+ years of experience in cybersecurity or information security roles. 2+ years of team leadership or management experience.

KNOWLEDGE, SKILLS AND ABILITIES
• Strong knowledge of cybersecurity frameworks, standards, and regulations (e.g., NIST, ISO 27001, CIS, GDPR, HIPAA).
• Proficient in managing and configuring security technologies such as firewalls, intrusion detection/prevention systems, endpoint protection, DLP, IAM, MFA, and EDR solutions.
• Deep understanding of network protocols, operating systems (Windows, Linux), and cloud platforms (AWS, Azure, Google Cloud).
• Experience conducting risk assessments, vulnerability scans, and penetration testing.
• Demonstrated ability to lead incident response efforts and coordinate remediation activities.
• Skilled in designing and implementing security policies, procedures, and technical controls.
• Strong project management capabilities and ability to balance multiple priorities effectively.
• Proven leadership and team development skills with the ability to mentor and motivate staff.
• Excellent analytical and problem-solving skills, with keen attention to detail.
• Effective communication and presentation skills, with the ability to explain technical issues to non-technical audiences.
• Strong collaboration and interpersonal skills to work cross-functionally with IT, legal, finance, and business units.
• Ability to stay current with emerging threats, trends, technologies, and regulatory changes in the cybersecurity landscape.
• High level of integrity, professionalism, and discretion when handling sensitive information.
• Experience utilizing Microsoft Office products (MS Word, Excel, and Outlook).
• Bilingual (writing, conversational and reading comprehension in English and Spanish).

CERTIFICATIONS/ LICENSES/ PROFESSIONAL AFFILIATIONS
• Certifications such as CISSP, CISM, CEH, CompTIA Security+, or GIAC certifications, and membership in recognized cybersecurity professional organizations (e.g., ISACA, (ISC)²), are preferred.

WORKING CONDITIONS
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job.
• The noise level in the work environment is usually moderate.
• Will operate a computer, copier, and other modern office equipment. The employee generally works indoors in an office.
• Ability to work in a fast-paced environment with flexible hours, including evenings or weekends in response to security incidents or urgent system updates.
• Occasional offsite visits may be required, as requested by the organization.
• Hybrid modality.

PHYSICAL REQUIREMENTS
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.
• Ability to sit for extended periods while working on a computer and managing various cybersecurity projects and incident responses.
• Regular use of hands and fingers for typing, navigating digital tools, and operating office equipment.
• Occasional lifting and carrying of technical equipment, such as laptops, servers, or security hardware, typically up to 25 pounds.
• Strong visual and auditory skills are essential to monitor security alerts, analyze data, and participate in virtual meetings and briefings.

If you thrive in an environment that fosters growth and collaboration with motivated, enthusiastic high achievers, you'll find a fulfilling career with us!

Grupo Ferré Rangel is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, disability, age, or veteran status. We encourage applications from individuals of all backgrounds.

Grupo Ferré Rangel

¡Nada mejor que trabajar en un lugar donde todos realmente CREEN en su propósito!

Nuestra misión es aportar pasión y atención al cliente en cada paso del camino.

La posición Cyber Security Manager es Full time y Regular.

MAIN RESPONSIBILITIES
• Develop, implement, and maintain a comprehensive enterprise cybersecurity strategy aligned with business goals and risk tolerance.
• Define and enforce cybersecurity policies, procedures, and standards across the organization.
• Serve as a subject matter expert and advisor to senior leadership on cybersecurity matters.
• Monitor networks and systems for security breaches using specific tools and threat intelligence feeds.
• Lead investigations into security incidents and coordinate incident response and remediation efforts.
• Develop, maintain, and regularly test incident response, business continuity, and disaster recovery plans.
• Conduct regular cybersecurity risk assessments and gap analyses to identify vulnerabilities and threats.
• Ensure compliance with internal policies and external regulations.
• Coordinate third-party and internal audits and drive remediation activities.
• Evaluate, recommend, and oversee the implementation of security solutions such as firewalls, antivirus, DLP, IAM, MFA, and EDR.
• Partner with infrastructure and application teams to integrate security into system design and development.
• Manage security for cloud, hybrid, and on-premises environments.
• Lead, coach, and develop a team of cybersecurity analysts and engineers.
• Plan and manage security training and awareness campaigns for employees and contractors.
• Establish OKRs and metrics to track team performance and incident response effectiveness.
• Conduct security assessments of third-party vendors and service providers.
• Establish vendor security standards and ensure contractual security obligations are met.
• Collaborate with Finance and Legal to ensure security is built into contracts and SLAs.
• Stay up to date with emerging cyber threats, vulnerabilities, attack vectors, and mitigation techniques.
• Leverage threat intelligence to proactively adjust defense mechanisms.
• Participate in industry forums and security communities to benchmark and share best practices.
• Develop and manage the cybersecurity budget, resource allocation, and tool investments.
• Provide input into strategic planning for IT and business initiatives from a security perspective.
• Complies fully and consistently with the Company's standards, policies, and procedures and the local and federal laws applicable to our industry, business, and employment practices.
• May perform other duties and responsibilities as assigned, in accordance with the education and experience requirements contained in this document.

QUALIFICATIONS
• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field.
• 5+ years of experience in cybersecurity or information security roles. 2+ years of team leadership or management experience.

KNOWLEDGE, SKILLS AND ABILITIES
• Strong knowledge of cybersecurity frameworks, standards, and regulations (e.g., NIST, ISO 27001, CIS, GDPR, HIPAA).
• Proficient in managing and configuring security technologies such as firewalls, intrusion detection/prevention systems, endpoint protection, DLP, IAM, MFA, and EDR solutions.
• Deep understanding of network protocols, operating systems (Windows, Linux), and cloud platforms (AWS, Azure, Google Cloud).
• Experience conducting risk assessments, vulnerability scans, and penetration testing.
• Demonstrated ability to lead incident response efforts and coordinate remediation activities.
• Skilled in designing and implementing security policies, procedures, and technical controls.
• Strong project management capabilities and ability to balance multiple priorities effectively.
• Proven leadership and team development skills with the ability to mentor and motivate staff.
• Excellent analytical and problem-solving skills, with keen attention to detail.
• Effective communication and presentation skills, with the ability to explain technical issues to non-technical audiences.
• Strong collaboration and interpersonal skills to work cross-functionally with IT, legal, finance, and business units.
• Ability to stay current with emerging threats, trends, technologies, and regulatory changes in the cybersecurity landscape.
• High level of integrity, professionalism, and discretion when handling sensitive information.
• Experience utilizing Microsoft Office products (MS Word, Excel, and Outlook).
• Bilingual (writing, conversational and reading comprehension in English and Spanish).

CERTIFICATIONS/ LICENSES/ PROFESSIONAL AFFILIATIONS
• Certifications such as CISSP, CISM, CEH, CompTIA Security+, or GIAC certifications, and membership in recognized cybersecurity professional organizations (e.g., ISACA, (ISC)²), are preferred.

WORKING CONDITIONS
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job.
• The noise level in the work environment is usually moderate.
• Will operate a computer, copier, and other modern office equipment. The employee generally works indoors in an office.
• Ability to work in a fast-paced environment with flexible hours, including evenings or weekends in response to security incidents or urgent system updates.
• Occasional offsite visits may be required, as requested by the organization.
• Hybrid modality.

PHYSICAL REQUIREMENTS
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.
• Ability to sit for extended periods while working on a computer and managing various cybersecurity projects and incident responses.
• Regular use of hands and fingers for typing, navigating digital tools, and operating office equipment.
• Occasional lifting and carrying of technical equipment, such as laptops, servers, or security hardware, typically up to 25 pounds.
• Strong visual and auditory skills are essential to monitor security alerts, analyze data, and participate in virtual meetings and briefings.

Si disfrutas de un ambiente que promueve el crecimiento y la colaboración con personas motivadas, entusiastas y comprometidas con el éxito, ¡tenemos la carrera ideal para ti!

Grupo Ferré Rangel de ser un Patrono con Igualdad de Oportunidades de Empleo. No discriminamos por raza, color, religión, sexo, orientación sexual, identidad de género, origen nacional, edad, discapacidad, información genética u otro estado o característica protegida por las leyes federales, estatales o locales. Todos los solicitantes calificados serán considerados para empleo sin importar estas características. Animamos a personas de todos los orígenes y experiencias a postularse. Si necesitas asistencia o acomodos razonables debido a una discapacidad, por favor contáctanos en talento@gfrpr.com.

LinkedIn