Experienced Full Stack Cybersecurity Manager – Network Protection and Advanced Risk (CDR) Group

Join arenaflex, a leading global airline, in our mission to become the safest digital airline in the industry. Are you a seasoned cybersecurity professional looking for a new challenge? Do you have a passion for protecting sensitive data and preventing cyber threats? Look no further than arenaflex, a world-class airline that's committed to elevating and empowering individuals in the places where we work, live, and fly.

About arenaflex

arenaflex is a global airline that operates in multiple regions around the world, serving millions of customers and employing thousands of team members. As a leader in the industry, we have a profound responsibility to safeguard our customers' and employees' data, ensuring that our networks and systems are secure and protected from cyber threats. Our CDR (Network Protection and Advanced Risk) group is at the forefront of this mission, working tirelessly to install cybersecurity into the DNA of arenaflex.

Our Mission

Our mission is to reduce business risk through the implementation of robust cybersecurity standards and best practices. We're committed to creating a culture of cybersecurity awareness, empowering our team members to identify and mitigate potential threats, and ensuring that our systems and data are protected from cyber attacks.

Key Responsibilities

As an Experienced Full Stack Cybersecurity Manager, you'll be responsible for leading a team of highly skilled cybersecurity engineers in the development and maintenance of a comprehensive security architecture for arenaflex's products, applications, and services. Your key responsibilities will include:

• Providing regular updates, training, and presentations to staff and management on various aspects of cybersecurity
• Managing the regulatory administration of cybersecurity experts, including HR, payroll, time tracking, and other related tasks
• Defining, prioritizing, allocating resources, tracking, and providing status updates on work tasks, projects, and activities
• Conducting surveys and being responsible for departmental budgets and resource allocations

Interface and Collaboration

* Staying up-to-date with changes in regulations and compliance requirements that impact assigned areas of responsibility and proactively updating norms, practices, and models based on this information

• Managing, coordinating, and assessing the work of assigned cybersecurity teams to ensure the security, integrity, confidentiality, and availability of arenaflex's systems, products, and services
• Building relationships and partnerships with functional areas across the organization to raise awareness and support for cybersecurity
• Facilitating division activities with internal/external innovation and expert partners
• Providing general asset/project management for the division, including matching individuals to projects, acquiring required resources, etc.
• Maintaining relationships with internal and external review organizations to collaborate on the execution of reviews

Execution and Support

* Managing the development and implementation of cybersecurity strategies

• Working with cross-functional teams to create, document, and implement cybersecurity policies and standards
• Managing the preparation, documentation, and execution of cybersecurity assessments and testing
• Organizing remediation of vulnerable items to meet material compliance requirements
• Being available to respond to impromptu cybersecurity and risk management events, including emergency situations

What We Offer

At arenaflex, we value diverse experiences, perspectives, and backgrounds. We encourage candidates who may not feel they check all the boxes to apply. We're always looking for individuals who will bring a fresh perspective to the table.

Requirements

To succeed in this role, you'll need:

• A bachelor's degree in a STEM field (or equivalent experience)
• At least 9 years of related experience
• Strong and demonstrated ability to communicate technical ideas to a non-technical audience and colleagues
• Experience with threat modeling or other risk identification strategies, and risk management
• Experience managing teams to identify key and strategic risks
• Experience collaborating and influencing multi-functional teams to drive security enhancements
• Experience driving prioritization of security risks/weaknesses and ensuring they are properly understood by the business and addressed or mitigated
• Strong logical and quantitative skills with the ability to analyze data and metrics to support hypotheses and recommendations and drive actions
• Excellent oral and written communication skills
• Demonstrated ability to convey complex technical subjects in a concise and clear manner
• Shown critical thinking, decision-making, and organizational skills and a willingness to learn and stretch beyond your comfort zone
• Shown knowledge of threat landscape, security risk, and weakness management, and security monitoring and analysis
• Must be legally authorized to work in the US for any employer without sponsorship
• Successful completion of an interview is expected to meet work capability
• Reliable, consistent attendance is a fundamental requirement of the position

What Will Help You Stand Out

* A graduate degree or equivalent experience

• At least one of the following: CEH, GSEC, CISM, CompTIA Security+, CISSP, CISA, SSCP, CASP+, OSCP, AWS Solutions Architect – Professional
• 12+ years of related experience
• Working knowledge and/or hands-on experience with as many as possible of the following areas: Operating system and platform security, Network security and understanding of network and web-related protocols, Voice over IP and converged communication security
• Strong subject matter expertise in the fields of IT security and risk management
• Strong knowledge of IT infrastructure security
• Experience with cloud-native products and in-depth understanding of microservice architectures and deployments
• Ability in application development and dev-ops security technologies and integration
• Shown ability to ponder business, product, and technical challenges
• Experience within the transition of traditional data center security efforts into industry-accepted cloud advancements
• Demonstrated history with compliance systems and requirements
• Familiarity with a fast-paced and agile development environment
• Experience providing training and mentorship
• Ability to perform manual security code reviews
• Ability to interpret dynamic/static analysis tools, and penetration test results

arenaflex is an Equal Opportunity Employer

arenaflex initiates, employs, trains, adjusts, and advances without regard to race, religion, color, national origin, gender identity, sexual orientation, physical ability, age, veteran status, and other protected status as required by relevant law. We will ensure that individuals with disabilities are given reasonable accommodation to participate in the application process or to perform essential job functions.

Join Our Team

If you're passionate about cybersecurity and want to be part of a dynamic team that's shaping the future of the airline industry, apply today! Apply for this job