SUMMARY OF RESPONSIBILITIES

The Sr Manager Cyber Security is responsible for leading the development and execution of enterprise-wide information security strategy, risk mitigation controls, and governance to protect FirstKey Homes from cyber threats. This role provides strategic oversight of cybersecurity operations, ensuring the confidentiality, integrity, and availability of company systems, data, and assets. Key responsibilities include diagnosing and resolving complex security issues, leading incident response efforts, and developing Root Cause and Corrective Action (RCCA) reports. The Sr Manager will ensure that critical cybersecurity controls are properly implemented, maintained, and aligned with organizational risk tolerance. This position will also lead the drafting and ratification of cybersecurity policies and procedures and will be expected to build strong business cases to secure funding for new capabilities, tools, or programs. The role includes preparing executive-level reporting, delivering board-ready metrics, and may involve presenting key cybersecurity updates to senior leadership and the Board of Directors as needed.

ESSENTIAL DUTIES

· Will lead and develop a team of 2-3 Cyber Security Analysts

· Conducts a Cyber Security Incident response plan tabletop exercise no less than annually

· Will keep the companies cyber incident response plan (CIRP) up to date

· Participates in the 3rd party vendor onboarding vetting process from a cyber security standpoint.

· Will manage the company’s cyber security posture in Azure and Microsoft O365.

· Will conduct training sessions with end users and promote a cyber security awareness culture to protect the organization from Phishing and other cyber attacks. (Experience with KnowB4 Phish Test and training platform)

· Responsible for the review of O365 and Azure Secure Scores and remediating vulnerabilities.

· Responsible for Vulnerability Management (Qualys) and will work closely with Patch Management team

· Provide metrics on key security systems (Qualys, Bitdefender, MS Defender CAS and others)

· Responsible for security related helpdesk tickets and investigations under legal advisement

· Implement a SIEM (or MDR) log management solution for alerts that can be used to identify threats, conduct forensic analysis and that can be used for 24x7 monitoring by an external 3rd party SOC

· Assist in the creation and maintenance of Information Security policies

· Conduct third-party risk assessments including an annual Cyber security assessment with a 3rd party provider

· Will conduct a CIS Top 18 self-assessment and develop a remediation plan for gaps.

· Responsible for implementing DLP governance, Secure Authentication, and a password management strategy

· Will work closely with the application development team to ensure alignment with security and coding best practices

· This summary is not an all-inclusive description of job duties. Other duties and responsibilities may also be assigned by the incumbent’s manager at any time based upon Company need.

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

WORKING CONDITIONS

· Primarily working indoors, office environment.

· May sit for several hours at a time.

· Prolonged exposure to computer screens.

· Repetitive use of hands to operate computers, printers, and copiers.

REQUIRED EDUCATION AND EXPERIENCE

· Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or equivalent work experience and/or education

· 3-6 years Hands-on experience as an Information Security Analyst or similar role

· Certified CISSP or equivalent

· Experience with leading cyber security assessments in coordination with

· Comp TIA Security+ or comparable Information Security certification(s)

· High proficiency with Microsoft Office (Word, Excel, PowerPoint, Outlook)

· Hands-on experience with Windows/Linux/Mac OS environments

PREFERRED EDUCATION AND EXPERIENCE

· CISSP, CEH, CISM

· Experience working with Vulnerability Management solutions (Qualys, Tenable, Rapid7)

· Experience with Bit Defender XDR 7x24 Hr SOC or other comparable SIEM

· Experience working with Microsoft Azure or Amazon Web Services (AWS)

· Experience working with Microsoft Cloud App Security (CAS) and conditional access policies

· Experience working with Antivirus software and Malware remediation (Bitdefender, McAfee, MNS-Defender, Darktrace) and other products

· Experience working with Active Directory management

· Experience working with Data Access Request (DSR) and eDiscovery or related tools

· Experience working in property management, real estate, or similar industry

· Experience working in fast pace, high-growth company

REQUIRED KNOWLEDGE

· Computers— Knowledge of computer hardware and software, including applications and programming.

· Customer Service — Knowledge of principles and processes for providing customer services. This includes customer needs assessment, meeting quality standards for services, and evaluation of customer satisfaction.

REQUIRED SKILLS

· Active Listening — Giving full attention to what other people are saying, taking time to understand the points being made, asking questions as appropriate, and not interrupting at inappropriate times.

· Active Learning — Understanding the implications of new information for both current and future problem-solving and decision-making.

· Critical Thinking — Using logic and reasoning to identify the strengths and weaknesses of alternative solutions, conclusions, or approaches to problems.

· Complex Problem Solving — Identifying complex problems and reviewing related information to develop and evaluate options and implement solutions.

· Troubleshooting — Determining causes of operating errors and deciding what to do about it.

· Systems Analysis — Determining how a system should work and how changes in conditions, operations, and the environment will affect outcomes.

· Service Orientation — Actively looking for ways to help people.

· Time Management — Managing one's own time and the time of others.

· Speaking — Talking to others to convey information effectively.

· Writing — Communicating effectively in writing as appropriate for the needs of the audience.

WORK STYLES & BEHAVIORS

· Attention to Detail — Job requires being careful about detail and thorough in completing work tasks.

· Dependability — Job requires being reliable, responsible, and dependable, and fulfilling obligations.

· Cooperation — Job requires being pleasant with others on the job and displaying a good-natured, cooperative attitude.

· Stress Tolerance — Job requires accepting criticism and dealing calmly and effectively with high stress situations.

· Adaptability/Flexibility — Job requires being open to change (positive or negative) and to considerable variety in the workplace.

FirstKey Homes is an equal opportunity employer and will not tolerate discrimination in employment on the basis of race, color, age, sex, sexual orientation, gender identity or expression, religion, disability, ethnicity, national origin, marital status, veteran status, genetic information or any other legally protected classification or status.