网络安全经理

Job Description

The Cybersecurity Manager is a strategic, hands-on role responsible for advancing our enterprise security program in alignment with ISO 27001, NIST Cybersecurity Framework, and industry best practices. This role offers the opportunity to lead the design and implementation of robust security strategies, work collaboratively across business functions, and be a part of a resilience security culture that supports innovation and organization growth.

Location

Nova Place with travel to other Eos Energy locations (see below)

Job Responsibilities

• Partner with cross-functional teams to implement a multi-year cybersecurity roadmap aligned with business growth
• Conduct and maintain enterprise risk assessments, including IT, OT, Product, Field Operations, and third-party risk
• Establish and lead security operations, including monitoring, alerting, and incident response
• Partner with IT management team to test incident response and disaster recovery plans
• Analyze and recommend responses to security incidents, investigations, and remediation activities
• Coordinate with external partners, MSSPs, and law enforcement as required
• Partner with IT, OT & Field Services teams to maintain and advance secure architectures for enterprise and manufacturing environments
• Evaluate, recommend, and implement innovative security tools and technologies to strengthen detection, protection, and response capabilities.
• Partner with engineering to advance product cybersecurity practices, including hardening techniques, secure coding, and testing practices
• Maintain secure integrations between IT, OT, MES, ERP, cloud, product and data platforms
• Maintain and advance vulnerability management, penetration testing, and remediation processes
• Monitor emerging cybersecurity threats, regulatory requirements, and industry trends to ensure program remains resilience and forward-looking
• Maintain and oversee third-party policies, security assessments and vendor risk management
• Promote a proactive security culture through training, awareness programs, and guidance across the organization
• Maintain and advance security awareness and training programs for employees
• Embed cybersecurity accountability into IT, OT, product, field operations, and business processes
• Act as a trusted advisor to leadership on cybersecurity risk and investment

Knowledge, Skills, and Abilities

• Deep understanding of NIS Cybersecurity Framework and ISO 27001
• Proficiency in security tools (SIEM, EDR/XDR, IDP/IDS, etc.) and scripting languages e.g., Python, PowerShell)
• Extensive experience in cybersecurity leadership, information security management, or risk management in high-growth environments
• Deep understanding of manufacturing systems, IT/OT networks segmentation, and industrial cybersecurity risks
• Demonstrated expertise in cloud, network, and application security, including threat detection, incident response, and vulnerability management
• Incident response lifecycle: detection, containment, eradication, recovery, and post-incident improvement
• Regulatory and audit expectations relevant to manufacturing and global operations
• Third-party and supply chain cybersecurity risk management
• Solid understanding of cybersecurity protocols for a Windows (Version 7+), Linux and Mac computing environment
• Solid understanding of Office 365 cloud principles, Azure security, and Exchange/Purview security configuration
• Excellent communication skills, including the ability to communicate cybersecurity risk clearly to non-technical leaders
• Ability to be on call if/when required for onsite and/or remote work after hours or on weekends

Education and Experience

• Bachelor's degree in cybersecurity, information technology, computer science, or related field.
• Eight (8+) or more years of progressive cybersecurity experience
• 5-7+ years of implementing cybersecurity best practices supporting manufacturing, industrial, or OT environments
• Experience with advancing cybersecurity programs in high-growth organizations
• Experience with cybersecurity processes/programs within $1B+ organizations strongly preferred
• Experience with product (hardware and software) hardening strongly preferred
• Prior leadership, coaching, or lead-level role managing cybersecurity initiatives or teams
• Experience supporting cybersecurity initiatives in a global, 24x7 operating environment strongly preferred
• Professional certifications such as CISSP, CISM, CISA, ISO 27001, or GIAC GSEC, GICSP for OT environments, etc. strongly preferred

Travel

• Overnight/North America: 10-20%

Working Conditions

• Office Environment - Must be able to remain in a stationary position 50% of the time and occasionally move about inside the office to access file cabinets, office machinery, etc. Required to have close visual acuity to perform an activity such as: preparing and analyzing data and figures; transcribing; viewing a computer terminal; extensive reading. May be required to exert up to 25 pounds of force occasionally to lift, carry, push, pull or otherwise move objects, including the human body.
• Factory - The worker may be subject to hazards. Includes a variety of physical conditions, such as proximity to moving mechanical parts, vibration, moving vehicles, electrical current, exposure to temperature changes or exposure to chemicals. While performing the duties of this job, the employee may be exposed to fumes, airborne particles, odors, dust, mists, and gases. The noise level in the work environment can be loud. Required to have close visual acuity to perform an activity such as: preparing and analyzing data and figures; transcribing; viewing a computer terminal; extensive reading; visual inspection involving small defects, small parts, and/or operation of machines (including inspection); using measurement devices; and/or assembly or fabrication parts at distances close to the eyes. Machinery operation requires the use of safety equipment to include but not limited to eye safety glasses, hearing protectors, work boots, and lab coats. May be required to exert up to 50 pounds of force occasionally to lift, carry, push, pull or otherwise move objects, including the human body.
• Customer/Partner Locations - Employee may visit customer or partner locations that may be comprised of office, manufacturing floor, laboratory environments and construction sites depending on the location and reason for visit.