Cyber Security Manager

Are you ready for a change? At GS1 US, employees at every level play a vital role and provide a meaningful voice on issues that affect consumers across the country. We are a small company with a world-class culture . We make a huge impact on the way the world does business. What is in it for you: GS1 US is seeking a Cyber Security Lead to drive hands-on execution of the cybersecurity program in a fully Azure-hosted environment. This senior individual contributor role blends deep technical expertise with ownership of security operations, incident response, and risk remediation. You will partner with Infrastructure & Security leadership, Cloud Engineering, DevOps, IT Operations, and a Managed SOC to translate priorities into effective technical controls and measurable improvements. You will also serve as a senior escalation point for security issues. We are currently recruiting for this position, which offers a salary range of $120,000 to $145,000. This position qualifies for participation in our annual employee bonus program. This position is also eligible for company-sponsored benefits, which include: Health (medical, RX, dental, vision) - effective immediately 401(k) with Employer Safe Harbor and Profit Sharing Contributions - effective immediately Short and Long Term Disability Coverage Mental Health and Wellbeing (6 employer sponsored therapy and coaching sessions) Individual Wellness Platform Paid Parental Leave Generous PTO and Company Paid Holidays LinkedIn Learning Tuition Reimbursement Kudos (employee recognition and engagement platform) Catered Lunches 2x/week on in office days Who you are: Bachelor's degree in Cybersecurity/Computer Science (or equivalent experience) 6-8+ years in cybersecurity engineering, cloud security, or security operations Demonstrated experience supporting security operations, incident response, and technical risk remediation Strong knowledge of Azure security services and cloud security architecture Strong understanding of networking concepts (TCP/IP, DNS, VPNs, routing, segmentation) Hands-on experience with Microsoft Sentinel, Microsoft Defender, Zscaler, Intune, and related tools Familiarity with DevSecOps practices and CI/CD pipelines (Azure DevOps, GitHub Actions) Experience with security frameworks such as

NIST CSF

Proficiency in scripting and automation (PowerShell and/or Python) Strong communication skills with ability to explain technical risk and tradeoffs clearly

Preferred Certifications Microsoft Certified:

Azure Security Engineer Associate (AZ-500) CISSP, CCSP, or equivalent security certification What you will do: As a Cyber Security Manager, you will run day-to-day security operations across cloud, identity, apps, and SaaS. Act as senior escalation for alerts and incidents. Coordinate response with internal teams and the Managed SOC. Investigate incidents, drive RCA and post-incident follow-up. Maintain visibility into threats, vulnerabilities, and emerging risks Here are a few more details about the role (other duties may be assigned): Risk Management, Governance & Maturity Drive risk management and security maturity by identifying control gaps, prioritizing remediation, and supporting assurance activities. Identify and track risks, vulnerabilities, and control gaps across cloud and applications Partner on remediation plans and ensure fixes are implemented and sustained Support alignment to NIST CSF and ongoing maturity assessments Support audits, customer security inquiries, and third-party assessments (evidence and technical input) Monitor and report security KPIs/KRIs Work with cross-functional teams to embed controls into processes and platforms Cloud Security & Engineering (Hands-On) Design and improve security controls across Azure SaaS/PaaS/IaaS Review Azure configurations; remediate misconfigurations Implement IAM controls (least privilege, strong authentication) Ensure encryption and key management for data at rest/in transit Configure logging, monitoring, and threat detection for visibility and response Provide security guidance for .NET and Angular apps on Azure App Services Stay current on Azure security features, threats, and best practices Networking & Zero Trust Implement secure Azure networking (NSGs, Azure Firewall, Private Endpoints, segmentation) Support Zero Trust, including Zscaler policy configuration and operations Implement identity- and device-aware access controls Advise on secure VPN, hybrid connectivity, and ExpressRoute designs Ensure network controls meet security standards and compliance needs Monitor network traffic and events for anomalies and policy violations Document network security architectures and procedures for audit and knowledge transfer Collaboration & Stakeholder Engagement Partner across IT and the business to embed security into operations and delivery. Work with Cloud Engineering, DevOps, IT Ops, Legal, HR, and business teams to integrate security Embed secure-by-design practices into engineering and operational workflows Communicate risks and recommendations to technical and non-technical audiences Maintain security standards, technical guidelines, and operational playbooks Build relationships that support a security-aware culture Ready to be part of a team that believes the identification of everything makes anything possible? Apply today - we can't wait to hear your story. GS1 US is an Equal Opportunity Employer - All qualified applications will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, or national origin. GS1 US does not accept unsolicited resumes from search or staffing firms. All resumes submitted by search or staffing firms to any employee at GS1 US via-email, internet or directly without a valid written search agreement will be deemed the sole property of GS1 US, and no fee will be paid in the event a candidate is hired by GS1 US.