Manager, Cybersecurity

Get started on an exciting career at Element!

Element employees make a difference in the lives of others every day. We are re-defining the fleet management industry to be people first, then business delivering on our promise of a superior client experience.

This takes hard work and innovation, and we need more like-minded people on our team.

What We Need

We are looking for a Manager, Cybersecurity to join Element Fleet Management. As the largest pure-play fleet manager in the world, we provide unmatched products and services and solutions to our clients.

At Element, employees play a critical role in delivering value to customers and ensuring an exceptional client experience.

We are committed to the success of our clients, employees, and investors by fostering a culture where every employee can make a difference!

The Cybersecurity Manager manages the operational responsibilities associated with the planning, coordination, mitigation and continual improvement of assigned enterprise wide cybersecurity detect and response controls.

In addition, this role will recommend and facilitate implementation of best practices in cybersecurity for Element. This individual must possess strong leadership, communication, planning skills, and have a broad cybersecurity and IT background in systems, servers, networks and hardware experience gained in managing and delivering critical IT services.

Success for the role will be to support the delivery of a threat defense program that is positioned to address, contain, and drive successful resolution to any cybersecurity situation.

Are You :

A leader in conducting risk assessments, threat modeling, and vulnerability analyses?

Knowledgeable of compliance standards, regulatory requirements, and industry best practices in cybersecurity?

An expert at designing and implementing robust security architectures and protocols, with experience collaborating with cross-functional teams to embed security into the development lifecycle?

A Day in the Life

Security Domain Structure

Perform oversight of the development, implementation and evaluation of information system security program; special emphasis placed upon integration of existing Cloud platforms and hybrid systems within assigned area

Perform risk assessments and make recommendations to leadership for improvements to manage cybersecurity risk

Advise business on security testing methodologies and processes

Develop and maintain a formal Information Systems Security Program for assigned areas

Ensure that all Indicator of Attack (IOA)s, network administrators, and other cyber security personnel receive the necessary technical and security training to carry out their duties

Conduct periodic assessments of the security posture of the authorization boundaries

Build deliverables - Develop, review, endorse, and recommend actions

Develop and execute security assessment plans that include verification that the features and assurances required for each protection level are functioning

Maintain a and / or applicable repository for all system authorization documentation and modifications

Partner with Director to create and implement an Element Cybersecurity Governance Council

Support development of policies and procedures for responding to security incidents, to include investigating and reporting security violations and incidents

Ensure compliance with the company’s storage & retention policies that they are in place for clearing, sanitizing, and destroying various types of hardware and media

Ensure proper protection or corrective measures have been taken when an incident or vulnerability has been discovered within a system

Lead and manage development and implementation of an information security education, training, and awareness program, to include attending, monitoring, and presenting local cyber security training

Evaluate threats and vulnerabilities to ascertain whether additional safeguards are needed

Assess changes in the system, its environment, and operational needs that could affect the authorization

Engage Clients

Works with IT Cybersecurity leadership to assure the cybersecurity program is balanced, controlled, and that it is aligned with business needs

Partner with other business teams in to continuously improve and advance the organizations operational security capabilities;

including ISO 27001, NIST Cybersecurity framework & NIST 800.53

Evaluate and communicate cyber security & privacy risks / vulnerability landscape and solutions to business leadership

Collaborate with cross-functional teams to deliver projects and enhancements

Conduct the duties of the Information System Security Director when not present / available

Lead and manage third party risk management program

Ongoing system management

Ensure configuration management (CM) for security-relevant changes to software, hardware, and firmware and that they are properly documented

Ensure that system recovery and reconstitution processes developed and monitored to ensure that systems can be recovered based on defined availability levels

Ensure periodic testing is conducted to evaluate the security posture of Element by employing various intrusion / attack detection and monitoring tools

Maintain metrics, reporting and tracking program to ensure processes working as designed and risks are being tracked

Ensure all Standard Operating Procedures (SOPs) & Policy documentation is current and accessible to properly authorized individuals

Ensure that system security requirements are addressed during all phases of the system life cycle

Lead & participate in ICSA (Internal Control Self Assessments), and current state assessments

Requirements

Bachelor’s Degree in IT or related field required

7+ years related experience ideally in roles with a focus on cybersecurity, systems security, or network security

Industry certifications required (one of three) : CISSP, CISM, CISA (or in process of completing within 6 months)

Certifications : CRISC, ISO 27001 (preferred)

Familiarity with PCIDSS compliance program

Design and architecture experience

Experience with EDR / MDR, WAF / WAS and Microsoft Security products and technologies involved in large scale enterprise deployments / data centers

Experience in deploying and / or supporting enterprise security software products such as firewalls, IPS, Anti-Virus solutions, application firewalls, high availability solutions, network management systems, virtual systems

Experience with tools such as Vulnerability Detection & Management tools like Nessus, Qualys

Deep technical understanding of modern cybersecurity threats

Validated track record in hands-on approach to maturing defense capabilities in highly targeted environments at scale

Proficiency in managing and optimizing security technologies and tools

Excellent leadership and communication skills to inspire and guide a team toward security excellence

Expertise in technologies involved in large scale enterprise deployments / data centers

Experience implementing and using complicated software products that involve multiple components

Prior experience in penetration testing

Background in creating or maintaining security policies, providing training to internal employees on possible external threats to the IT environment and managing third party vendors

Strong analytical, problem-solving skills and communication (written & oral) skills

Ability to clearly document complicated steps and procedures

Familiarity with Microsoft security

A solid understanding of Windows and Linux systems, general operating system security practices, TCP / IP networking, 802.

1x and network security concepts

Demonstrated experience with preparing presentations for leadership

What’s in it for You

• A culture of innovation, empowerment, decision-making, and accountability
• Comprehensive health and welfare benefits that serve the needs of you and your family and foster a culture of wellness
• Additional benefits and amenities, including paid time-off programs (vacation, sick leave, and holidays)
• Hybrid work environment for most positions

Applicants will be required to undergo a background check only if and after a conditional offer of employment has been extended.

Element Fleet Management and its wholly owned subsidiaries are an equal opportunity employer committed to diversity and inclusion.

We are pleased to consider all qualified applicants for employment without regard to race, color, religion, gender identity, age, sex, sexual orientation, disability, national origin, Aboriginal / Native American status, protected veterans’ status or any other legally-protected factors.

Disability-related accommodations during the application and interview process are available upon request. Should you require an accommodation with our hiring process please send an email to or call (800) 665-9744.