H-1BEmpresa com aprovações comprovadas

REG. 2081380

Gerente de Segurança da Informação

Cypress Creek Renewables, LLC

VERIFICADO · 2 green cards (PERM) aprovados nos últimos 12 mesesRegistros públicos do Departamento do Trabalho dos EUA (DOL).

Gerente de segurança em Durham; empresa com 12 aprovações de LCA e 2 de PERM nos últimos 12 meses.

Ver a vaga no portal e se candidatarConhecer os planos

Cadastro grátis — o contato e o link oficial da vaga ficam no portal.

Descrição da vaga (original, em inglês)

<p><strong>The Company</strong></p> <p>&nbsp;</p> <p><span data-contrast="none">The energy industry is entering one of the most significant periods of growth and transformation in its history. Meeting the nation’s growing demand for reliable electricity will require&nbsp;new ideas, new infrastructure, and talented people committed to building for the future.</span> <span data-ccp-props="{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335557856&quot;:16777215,&quot;335559738&quot;:0,&quot;335559739&quot;:0}">&nbsp;</span></p> <p><span data-contrast="none">At Cypress Creek Energy,&nbsp;we’re&nbsp;meeting that challenge by developing and&nbsp;operating&nbsp;the energy infrastructure needed to power communities, support economic opportunity, and strengthen resilience. We believe our responsibility extends beyond the grid and that how we build matters just as much as what we build.</span><span data-ccp-props="{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335557856&quot;:16777215,&quot;335559738&quot;:0,&quot;335559739&quot;:0}">&nbsp;</span></p> <p><span data-contrast="none">That same commitment extends to our employees. We invest in professional growth, encourage collaboration across teams, and provide opportunities to take ownership, expand your&nbsp;expertise, and advance your career. Our culture is grounded in safety, accountability, respect, and a shared commitment to deliver results. Join us and help meet one of the most important energy challenges of our time while building a rewarding career.</span><span data-ccp-props="{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335557856&quot;:16777215,&quot;335559738&quot;:0,&quot;335559739&quot;:0}">&nbsp;</span></p> <p><strong>Overview</strong></p> <p><span data-contrast="none">Cypress Creek Energy is hiring an Information Security Manager to lead the company's security operations and compliance&nbsp;program. This is a hands-on individual contributor role designed for a senior technical security professional ready to take ownership of a complete program — with the opportunity to grow into a leader of a team as the function scales.</span><span data-ccp-props="{&quot;335559739&quot;:140}">&nbsp;</span></p> <p><span data-contrast="none">The successful candidate brings a balance of deep technical execution and program-level compliance maturity. You will own the day-to-day security tooling stack, lead the company's NIST-based compliance program, shape policy in emerging areas including artificial intelligence, and&nbsp;maintain&nbsp;an accurate&nbsp;view of every system in the environment. You will report directly to the Chief Technology Officer and partner closely with IT, Counsels, and business stakeholders across the company.</span><span data-ccp-props="{&quot;335559739&quot;:140}">&nbsp;</span></p> <p><strong>Responsibilities</strong></p> <p><span data-contrast="none">Security Operations &amp; Engineering</span><span data-ccp-props="{&quot;335559738&quot;:100,&quot;335559739&quot;:140}">&nbsp;</span></p> <ul> <li><span data-contrast="none">Endpoint security:&nbsp;</span><span data-contrast="none">Administer and tune Microsoft Defender across the endpoint estate, including policy configuration, alert triage, response, and reporting.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">Network and access security:&nbsp;</span><span data-contrast="none">Manage the Zscaler platform (ZIA/ZPA), including policy development, traffic inspection, access controls, and integration with identity systems.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">SIEM operations:&nbsp;</span><span data-contrast="none">Own SIEM tuning, detection engineering, log source onboarding, alerting, and incident workflows. Build dashboards and metrics that surface meaningful signals.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">Vulnerability management:&nbsp;</span><span data-contrast="none">Run the vulnerability scanning program across AWS and Azure cloud environments and on-premises infrastructure. Prioritize, track, and verify remediation in partnership with IT and engineering teams.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">Patch management:&nbsp;</span><span data-contrast="none">Maintain&nbsp;endpoint patching cadence and reporting, ensuring coverage, exception tracking, and SLA adherence.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">Digital forensics &amp; incident response:&nbsp;</span><span data-contrast="none">Lead investigations into security events, perform forensic analysis, document findings, and coordinate&nbsp;response&nbsp;with internal teams and external partners as needed.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> </ul> <p><span data-contrast="none">Compliance &amp; Governance</span><span data-ccp-props="{&quot;335559738&quot;:180,&quot;335559739&quot;:140}">&nbsp;</span></p> <ul> <li><span data-contrast="none">NIST-based program:&nbsp;</span><span data-contrast="none">Maintain&nbsp;and continuously improve the company's NIST Cybersecurity Framework-aligned security program, including controls mapping, evidence collection, and gap remediation.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">Policy management:&nbsp;</span><span data-contrast="none">Own the security policy library — ensure policies and standards are current, reviewed on a defined cadence, approved through the right channels, and communicated to the business.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">AI policy and guidance:&nbsp;</span><span data-contrast="none">Develop and&nbsp;maintain&nbsp;the company's AI usage policies, acceptable use guidance, and review&nbsp;process&nbsp;for new AI tools, in coordination with Counsels and IT.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">System inventory:&nbsp;</span><span data-contrast="none">Build and&nbsp;maintain&nbsp;an authoritative inventory of systems, applications, data flows, and ownership. Keep it&nbsp;accurate&nbsp;as the environment evolves.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">Audit and assessment support:&nbsp;</span><span data-contrast="none">Lead responses to internal and external audits, customer security reviews, and regulatory inquiries. Manage remediation of identified findings through closure.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">Risk management:&nbsp;</span><span data-contrast="none">Identify, document, and track information security risks; propose mitigations and report on residual risk to leadership.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> </ul> <p><span data-contrast="none">Leadership &amp; Cross-Functional Partnership</span><span data-ccp-props="{&quot;335559738&quot;:180,&quot;335559739&quot;:140}">&nbsp;</span></p> <ul> <li><span data-contrast="none">Stakeholder engagement:&nbsp;</span><span data-contrast="none">Partner with IT, Counsels, HR, and business leaders on security matters,&nbsp;providing&nbsp;clear guidance that balances risk with business needs.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">Operational Technology (OT):&nbsp;</span><span data-contrast="none">Act as a partner and advisor to the OT&nbsp;team&nbsp;coordinating security and compliance initiatives across the company. Manage intersection of IT and OT endpoints, systems, and networks.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">Security awareness:&nbsp;</span><span data-contrast="none">Drive the security awareness program, including phishing simulations, training content, and ongoing communications.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">Vendor and third-party risk:&nbsp;</span><span data-contrast="none">Assess and manage security risk associated with vendors, contractors, and third-party service providers.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">Future team leadership:&nbsp;</span><span data-contrast="none">Lay the groundwork to scale the function. As the program matures,&nbsp;hire,&nbsp;mentor, and&nbsp;lead&nbsp;a team of security professionals.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> </ul> <p><strong>Education &amp; Experience Required</strong></p> <ul> <li><span data-contrast="auto">Use of AI to enhance and scale security operations –&nbsp;establish&nbsp;AI first Security Ops</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">Bachelor's degree in computer science, information systems, cybersecurity, or related field — or equivalent professional experience.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">5+ years of progressive experience in information security, with&nbsp;demonstrated&nbsp;depth in security operations, engineering, or a combination of both.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">Hands-on administration and tuning experience with Microsoft Defender (Endpoint, Identity, Cloud).</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">Production experience operating Zscaler (ZIA and/or ZPA), including policy management and troubleshooting.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">Strong SIEM experience — building detections, tuning alerts, investigating incidents, and onboarding log sources.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">Vulnerability management experience across cloud environments, specifically AWS and Azure.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">Working knowledge of digital forensics and incident response&nbsp;methodology.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">Demonstrated experience&nbsp;operating&nbsp;a security program aligned to the NIST Cybersecurity Framework or NIST 800-53.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">Track record&nbsp;of writing,&nbsp;maintaining, and operationalizing security policies and standards.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">Clear written and verbal communication, including the ability to explain technical risk to non-technical audiences.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li><span data-contrast="none">Ability to work from the Durham, NC or Washington, DC office three days per week.</span><span data-ccp-props="{&quot;335559739&quot;:100}">&nbsp;</span></li> <li>Embrace and live by the mission and values of Cypress Creek Energy</li> </ul> <p><span data-contrast="none"><span data-ccp-parastyle="heading 1">Preferred Qualifications</span></span><span data-ccp-props="{&quot;335559738&quot;:320,&quot;335559739&quot;:180}">&nbsp;</span></p> <ul> <li><span data-contrast="none">Industry certifications such as CISSP, CISM, GIAC (GCIH, GCFA, GCIA), or equivalent.</span><span data-ccp-props="{&quot;3
Ver a vaga no portal e se candidatarConhecer os planos

Cadastro grátis — o contato e o link oficial da vaga ficam no portal.

Mais vagas como essa

Técnico de Escalada de TI (Nível 2)

Salt Lake City, UT

Consultor Técnico ERP Sênior

Goleta, CA

Especialista em Suporte Técnico (Nível 1)

Holladay, UT

Consultor Técnico ERP

Goleta, CA

Arquiteto de Integração

Chicago, NY

Engenheiro de Implementação de Campo

Chicago, NY

Ver todas as vagas