CannonDesign has an exciting opportunity for a Cyber Security Manager. This position can be filled remotely anywhere in the US. Look at the description below. If you think your skills and experience make you a good match for this position, we'd love to hear from you. We're looking for creative, curious, empathetic people to join our Living-Centered Design movement.
ABOUT OUR FIRM
CannonDesign is an integrated design solutions firm focused on helping people continuously flourish. Whether designing for innovations in health, new scientific discoveries, equity in education or the next big idea in business, we use our Living-Centered Design approach to help organizations realize widespread change. Our ability to design transformational places, plans and strategies is why Fast Company named us a World Changing Company and one of the most innovative design firms in the world.
ABOUT THE ROLE
As a member of the Technology team, you will report to the CIO. You will lead cybersecurity efforts across the firm. This involves testing, assessments, and reporting on internal and external technology systems. Additionally, you will obtain independent third-party certifications of our enterprise systems relative to the Department of Defense (DoD) Cybersecurity Maturity Model Certification (CMMC) model.
WHAT YOU WILL DO
- Conduct CMMC assessments and gap analysis on company IT systems.
- Evaluate and find the most efficient way to protect the system, networks, software, data, and information systems against any potential attacks.
- Provide technical assistance in developing, coordinating, and processing risk assessments. This includes creating, inspecting, reviewing policies and procedures, identifying shortfalls, making recommendations, and writing assessment reports.
- Review system-related initiatives for architectural sufficiency and identify any issues.
- Implement vulnerability testing, threat analyses, and security checks.
- Provide professional guidance to security teams.
- Calculate accurate cost estimations and categorize integration issues for IT project teams.
- Present NIST/CMMC requirements to CannonDesign leadership and teams working with the DoD.
- Provide direction for compliance with other security protocols needed which may include SOC 2, ISO 27001, PCI DSS, HIPAA, GDPR, and CCPA.
- Write, analyze, and design system policies and procedures for enterprise systems.
- Write, analyze, and capture network traffic over enterprise networks.
- Research new threats, attacks, and vulnerabilities that may affect IT infrastructure, and ways to identify and protect against them.
- Investigate potential cyber-attacks and intrusion attempts.
- Provide risk consultation to requests for contractors, evaluations, and questionnaires.
- Assist with proposal development, if necessary.
- Develop and continuously update the firm's IT incident response plan.
- Contribute to the firm's BCP/DR plans and assess their effectiveness.
- Coordinate independent security auditors during penetration testing and risk assessments.
- Coordinate external MSSP and SIEM teams, as required.
- Coordinate software development security efforts (code review, app sec) likely by external vendors.
- Additional duties as requested.
ABOUT YOUR QUALIFICATIONS, KNOWLEDGE, SKILLS, AND ABILITIES
- Bachelor's degree in Cyber Security or a related field preferred.
- Minimum of ten (10) years' Cyber Security experience required.
- Must have experience performing NIST government compliance assessments (NIST 800-53, NIST 800-171).
- Must have working knowledge of CMMC compliance levels 1-3.
- Knowledge in computer forensics, threat hunting, and incident response procedures.
- Must have experience in evaluating Cyber Security practices and providing support to improve the Cyber Security posture.
- Must be able to effectively communicate security to company leadership.
- Must be able to present NIST/CMMC requirements to CannonDesign leadership.
- Must be able to customize and analyze vulnerability reports.
- Security certifications a plus: CISSP, CISA, CISM, CEH, GSEC, SSCP, CCISO, CAP, and/or CASP.
As a Federal Contractor, CannonDesign is required to comply with President Biden's Executive Order 14042. Therefore, as a condition of employment, all employees must provide proof of receipt of a full COVID-19 vaccination unless qualified for a valid medical or religious accommodation.
The salary range for this position is $140,000 to $160,000 annually. This salary range is the range we believe is the anticipated range of possible base compensation at the time of the posting. We may ultimately pay more or less than the anticipated salary range for the position. Employees may be eligible for discretionary bonuses. We offer a full benefit package including medical, dental and vision coverage, flexible spending account options and voluntary insurances. We have paid time off, flex-time summer hours, remote work options, a 401k plan and employee perk programs. For a general overview of our benefits, please visit our careers page. Actual compensation may vary from posting based on geographic location, work experience, education and/or skill level.
ABOUT WORKING HERE
- We are relentless in our pursuit of client adoration (not simply satisfaction). Consistent delivery of the best service is what we are about.
- We are committed to ensuring our practice is equitable for all employees, representative of the communities around us - and focused on the future of design. We advocate for equity, diversity, and inclusion efforts through the leadership of our DEI Council, Employee Resource Groups and other community advocacy initiatives.
- We're about communication and transparency here. If you want to talk to someone about an idea you have, or a challenge that needs addressing, we're ready for you.
Please note that candidates can only apply to our positions on our company Careers site. It's not uncommon for scammers to create positions that look legitimate on other sites; never enter your information or apply for CannonDesign positions on any other platform. Should an issue arise that you feel we should be aware of, please contact us. Please provide your resume and portfolio when applying.
As a condition of employment, all employees are expected to complete mandatory training, including compliance training, within required timeframes and adhere to our internal policies and our Code of Conduct.
CannonDesign recognizes the value of diversity in our workforce. We are committed to equal opportunity. We consider all qualified employment applicants without regard to race, religion, color, gender, age, national origin, sexual orientation, gender identity, partnership status, protected veteran status, disability, or any other status protected by federal, state, or local law. Individuals who hold legal work authorization applicable to employment at CannonDesign in the United States will be considered without regard to citizenship/alienage.