Cole Haan Logo

Cole Haan

Senior Manager, Cybersecurity Operations & Risk Management (Remote)

Posted 7 Days Ago
Be an Early Applicant
In-Office or Remote
Hiring Remotely in Greenland, NH
155K-185K Annually
Senior level
In-Office or Remote
Hiring Remotely in Greenland, NH
155K-185K Annually
Senior level
Lead and improve cybersecurity operations, incident response, vulnerability management, and technical risk reduction. Coordinate cross-functional remediation, manage security technologies and vendors, develop metrics and playbooks, and communicate risks to stakeholders and leadership.
The summary above was generated by AI
Job Summary & Responsibilities

Reporting to the Senior Director, Cybersecurity & Compliance, the Senior Manager, Cybersecurity Operations & Risk Management is responsible for the operational oversight and continuous improvement of cybersecurity operations, incident response, vulnerability management, and technical risk reduction activities. This is a senior manager-level individual contributor role that leads initiatives through influence, coordination, and cross-functional partnership rather than direct people management.

 

The role partners with IT teams, business stakeholders, vendors, and managed service providers to strengthen security controls, reduce risk, and drive timely remediation of security issues. As the operational lead for key cybersecurity functions, this position helps ensure threats, vulnerabilities, and control weaknesses are effectively identified, prioritized, and addressed.

 

The ideal candidate combines strong technical expertise, operational leadership, and communication skills with a demonstrated ability to drive measurable security improvements across a global environment

 

CORE ACCOUNTABILITIES:

 

Security Operations & Incident Response

  • Lead cybersecurity monitoring, investigations, and incident response activities
  • Serve as the operational lead and primary coordinator for cybersecurity incidents and investigations
  • Coordinate containment, recovery, stakeholder communications, and post-incident remediation activities
  • Develop and maintain incident response procedures, playbooks, and tabletop exercises
  • Partner with internal teams, vendors, and managed security service providers to investigate and resolve security events
  • Develop operational metrics and reporting related to threats, incidents, response effectiveness, and overall security posture
  • Develop and maintain operational dashboards and reporting that provide leadership visibility into critical vulnerabilities, remediation status, technology lifecycle risks, security incidents, and unresolved risk exposures

Vulnerability & Threat Management

  • Own vulnerability identification, risk-based prioritization, remediation tracking, exception management, reporting and stakeholder engagement processes. Establish remediation expectations, monitor adherence, remediation SLAs, and escalate aging risks to appropriate technology and business leaders
  • Maintain visibility into end-of-life (EOL) and end-of-support (EOS) technology risks. Partner with Infrastructure, Applications, and Architecture teams to ensure replacement, upgrade, or risk mitigation plans are established and tracked before expiration dates
  • Partner with technology teams to drive timely remediation of vulnerabilities and security weaknesses
  • Develop vulnerability metrics and reporting to measure remediation performance, risk reduction, and program effectiveness
  • Manage vulnerability exceptions and ensure risk acceptance decisions are documented and periodically reviewed
  • Assess emerging threats and organizational exposure to inform remediation priorities
  • Partner with Security Architecture to align remediation efforts with security standards and long-term risk reduction objectives

Security Technology & Operations Improvement

  • Serve as the operational owner for cybersecurity technologies and services, ensuring they effectively support threat detection, incident response, vulnerability management, and risk reduction objectives
  • Continuously improve security monitoring, detection, response, and reporting capabilities
  • Administer and continuously improve endpoint privilege management (EPM) controls to support least-privilege access, application control, and endpoint risk reduction
  • Design and optimize operational workflows, dashboards, alerts, and automation opportunities
  • Partner with Security Architecture and Infrastructure teams to implement and operationalize new security controls and technologies
  • Support onboarding, integration, and optimization of security technologies across the enterprise
  • Manage cybersecurity vendor and service provider relationships, ensuring effective service delivery, operational performance, issue resolution, and alignment with security objectives

 

Security Risk & Control Management

  • Conduct technical security assessments to identify cybersecurity risks, control weaknesses, and remediation opportunities across infrastructure, cloud, applications, and security technologies
  • Partner with Infrastructure, Cloud, Applications, and Security Architecture teams to develop remediation plans
  • Validate implementation and effectiveness of security controls
  • Provide technical expertise and evidence in support of cybersecurity audits, assessments, and compliance activities
  • Maintain remediation tracking, cybersecurity risk registers, technology lifecycle risk inventories, and operational security improvement plans. Drive regular review of outstanding risks with accountable technology leaders and facilitate escalation of overdue remediation activities
  • Assist with third-party security assessments and technical due diligence reviews

Leadership & Collaboration

  • Serve as a trusted cybersecurity subject matter expert across operational security initiatives.
  • Build strong relationships with technology teams, business stakeholders, vendors, and service providers
  • Drive accountability for remediation activities and security commitments
  • Foster a culture of operational excellence, continuous improvement, and proactive risk management
  • Communicate cybersecurity risks and recommendations to both technical and non-technical audiences
  • Establish and lead recurring cybersecurity operational review meetings focused on vulnerability remediation, technology lifecycle risks, exception management, and risk reduction progress across the enterprise
Preferred Qualifications

Education

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field
  • Advanced degree preferred

Experience

  • 7+ years of cybersecurity experience, with demonstrated success in security operations, incident response, vulnerability management, and technical risk reduction initiatives
  • 3-5 years leading security operations, vulnerability management, or incident response functions.
  • Experience managing security incidents and coordinating cross-functional technical response activities
  • Experience working with SIEM, EDR/XDR, vulnerability management, and cloud security platforms
  • Experience prioritizing remediation efforts using business risk, exploitability, and threat intelligence
  • Experience presenting cybersecurity risks, trends, and operational metrics to leadership
  • Experience working with cybersecurity vendors, MSSPs, and technology partners

 

Preferred Areas of Expertise

 

  • Security Operations & Monitoring
  • Incident Response
  • Vulnerability Management
  • Threat Intelligence
  • SIEM & Security Analytics
  • EDR/XDR Platforms
  • Identity & Access Management
  • Privileged Access Management
  • Microsoft 365 Security
  • Cloud Security
  • Security Automation

 

Preferred Certifications

 

  • CISSP
  • CISM
  • GCIH
  • Security+
  • Microsoft Security Certifications

Base Salary/Hourly Range: From $155,000 to $185,000 annually*

Bonus Eligibility: Yes, eligible for annual target bonus based on company and individual performance

Benefits Offered: Health Insurance, Dental Insurance, Vision Care, Health Savings Account with Employer Contribution, Flexible Spending Accounts, 401(k) Retirement Plan with Employer Matching Contributions, Short-Term Disability Insurance, Life Insurance, Vacation Time, Sick Time, Paid Parental Leave, Adoption Assistance Program, Charitable Matching Gifts Program, Holidays and Cole Haan Discounts

Paid Time Off: Paid vacation days starting at 120 hours, 11 paid company and personal holidays, 3 volunteer days

Sick Leave: Eligible non-exempt employees earn one hour of sick time for every 30 hours worked. Eligible exempt full-time employees earn 2.67 hours of sick time each bi-weekly pay period

 

*Rate of pay dependent upon candidates’ relevant skills, experience, and location

Similar Jobs

16 Minutes Ago
Easy Apply
Remote
United States
Easy Apply
Senior level
Senior level
Cloud • Information Technology • Security • Software
Independent contractor responsible for full-cycle recruiting for GTM roles (Enterprise AEs, Sales Engineers, CSMs, up to Director). Deliver qualified candidate slates, manage candidate experience through offer, coordinate with hiring managers, maintain ATS records, provide progress updates, and flag risks. Engagement is project-based, deliverable-driven, and scoped to a fixed term.
Top Skills: AtsGreenhouse
2 Hours Ago
Remote or Hybrid
120K-225K Annually
Senior level
120K-225K Annually
Senior level
Artificial Intelligence • Fintech • Insurance • Marketing Tech • Software • Analytics
Lead design, configuration, testing, and support of SAP PaPM solutions for Record-to-Report. Translate business requirements into functional/technical specs, build complex financial models/allocations, optimize processes, troubleshoot production issues, mentor junior staff, and support implementation, testing, and post-production transition activities.
Top Skills: Analysis For OfficeCds ViewsETLFi/CoOdata ServicesSap Analytics CloudSap BpcSap BwSap FpslSap Hana SqlSap PapmSap S/4 HanaWeb Intelligence
2 Hours Ago
Remote or Hybrid
156K-281K Annually
Senior level
156K-281K Annually
Senior level
Artificial Intelligence • Fintech • Insurance • Marketing Tech • Software • Analytics
Lead Anaplan platform architecture and evolution into an enterprise planning solution. Define integration and governance standards, partner with data teams, guide cloud and integration architecture (Snowflake, IDMC, AWS), mentor engineers, support incidents, evaluate Anaplan features, and drive roadmap and AI inclusion in planning processes.
Top Skills: AnaplanAnaplan Certified Model BuilderAWSAws IamAws S3CRMData WarehouseErpInformatica IdmcOneglSnowflake

What you need to know about the Los Angeles Tech Scene

Los Angeles is a global leader in entertainment, so it’s no surprise that many of the biggest players in streaming, digital media and game development call the city home. But the city boasts plenty of non-entertainment innovation as well, with tech companies spanning verticals like AI, fintech, e-commerce and biotech. With major universities like Caltech, UCLA, USC and the nearby UC Irvine, the city has a steady supply of top-flight tech and engineering talent — not counting the graduates flocking to Los Angeles from across the world to enjoy its beaches, culture and year-round temperate climate.

Key Facts About Los Angeles Tech

  • Number of Tech Workers: 375,800; 5.5% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Snap, Netflix, SpaceX, Disney, Google
  • Key Industries: Artificial intelligence, adtech, media, software, game development
  • Funding Landscape: $11.6 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Strong Ventures, Fifth Wall, Upfront Ventures, Mucker Capital, Kittyhawk Ventures
  • Research Centers and Universities: California Institute of Technology, UCLA, University of Southern California, UC Irvine, Pepperdine, California Institute for Immunology and Immunotherapy, Center for Quantum Science and Engineering

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account