Cyber Security Supervisor

This is a remote position.

Position Title: Cyber Security Supervisor

$93,750 to $156,250 annually DOE

Comprehensive health benefits include - medical, dental, vision, 401k, flexible spending account, paid sick leave and paid time off, parental leave, quarterly performance bonus, training, career growth and education reimbursement programs.

At Ziply Fiber, our mission is to elevate the connected lives of our communities every day. We are delivering the fastest home internet in the Northwest, with a focus on areas traditionally underserved by mainstream internet companies. And as our state-of-the-art fiber network expands in WA, OR, ID and MT, so does our need for team members who can help us grow and realize our goals.

We may be building internet, but we are reaching real people. We strive to build relationships and provide customers and communities with refreshingly great experiences.

We emphasize our values in all our interactions:

Genuinely Caring: Our customers and colleagues are people, and quite possibly our neighbors. We put ourselves in their shoes and give them our full attention.

Empowering You: We empower our customers to choose the products that best meet their needs, and we support our employees to implement solutions that elevate the experiences of our customers and coworkers. 

Innovation and Improvement: We always look for ways to make the experiences of our customers – and each other – better.

Earning Your Trust: We earn trust by communicating simply and transparently as real people, not as a corporation.

Job Summary

The Cyber Security Supervisor is responsible for leading a team in implementing, managing, and enhancing the organization's cybersecurity measures. This role ensures the protection of data, systems, and networks against potential threats, coordinates incident responses, and enforces compliance with cybersecurity policies and regulations. The supervisor provides strategic direction, supports operational security initiatives, and collaborates with various departments to align security efforts with business objectives.

The Essential Duties and Responsibilities listed below are a range of duties performed by the employee and not intended to reflect all duties performed.

·         Lead, supervise, and mentor a team of cybersecurity analysts and engineers.

·         Assign tasks, monitor performance, and ensure the team meets its objectives efficiently.

·         Foster a culture of continuous learning by providing training, certifications, and knowledge-sharing opportunities.

·         Conduct performance evaluations and recommend career development plans for team members.

·         Oversee the monitoring of security systems, networks, and applications to detect and respond to threats.

·         Conduct regular vulnerability scans, penetration tests, and risk assessments across systems and infrastructure.

·         Supervise the deployment, configuration, and maintenance of security tools, including firewalls, SIEM systems, endpoint protection, and intrusion detection/prevention systems (IDS/IPS).

·         Ensure high availability of critical security functions and business continuity during incidents or outages.

·         Develop and implement cybersecurity policies, standards, and procedures in alignment with industry best practices and organizational goals.

·         Enforce adherence to security protocols and conduct regular audits to ensure compliance.

·         Maintain and improve incident response and disaster recovery plans, ensuring readiness for potential threats.

·         Lead incident response activities, including detection, containment, eradication, and recovery from security events.

·         Perform root cause analysis and recommend actions to prevent recurrence of incidents.

·         Produce post-incident reports and present findings and recommendations to management.

·         Work closely with IT, risk management, and compliance teams to ensure security measures are integrated into business operations.

·         Collaborate with external stakeholders, such as vendors, consultants, and law enforcement, as needed.

·         Provide security awareness training to employees to minimize human-related risks.

·         Report regularly to senior management on cybersecurity posture, ongoing initiatives, and threat landscape updates.

·         Identify and evaluate cybersecurity risks, developing mitigation strategies tailored to organizational needs.

·         Implement risk management frameworks (e.g., NIST Cybersecurity Framework, ISO 27001) to ensure a structured approach to securing systems.

·         Monitor third-party vendor security and perform regular assessments to address supply chain risks.

·         Ensure compliance with applicable regulations and standards, such as PCI DSS, and others relevant to the organization.

·         Manage security certifications and audits, coordinating with external auditors when required.

·         Stay up to date with evolving regulatory requirements and cybersecurity laws.

·         Must be available to work regular business hours Pacific Standard Time.

·         Must also be available to work on-call, evenings and weekends as needed.

·         Performs other duties as required to support the business and evolving organization.

Qualifications:

• A bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a closely related technical field. Equivalent professional experience may be accepted in lieu of formal education.
  
• CISM, CISSP, CEH, or comparable cybersecurity certifications required.
  
• Minimum of 5 years of experience in a cybersecurity role with at least 2 years in a supervisory or team lead capacity.
  
• Proven hands-on experience securing IT infrastructures, performing vulnerability management, and overseeing incident response.
  
• At least 3 years of experience implementing or managing security frameworks such as NIST CSF, ISO 27001, or CIS benchmarks.
  
• Proficient in network security practices, including firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), and endpoint protection solutions.
  
• Experience with security operations tools such as SIEM platforms, vulnerability scanners, and penetration testing utilities.
  
• Practical knowledge of configuring and managing DNS, DHCP, and identity management tools (e.g., LDAP, Active Directory).
  
• Familiarity with system hardening guides, such as CIS Controls, DISA STIGs, or USGCB.
  
• Skilled in developing, documenting, and maintaining security policies, standards, and incident response plans.
  
• Demonstrated ability to conduct security audits, assess compliance, and recommend improvements.
  
• Ability to lead and mentor technical staff, fostering a culture of collaboration and continuous improvement.
  
• Experience with cloud security platforms (e.g., AWS, Azure, Google Cloud).
  
• Knowledge of emerging threats, threat intelligence, and advanced attack mitigation techniques.
  
• F​amiliarity with DevSecOps practices or secure software development lifecycle (SDLC).
  

Knowledge, Skills, and Abilities:

• Proven ability to manage small teams or projects with limited resources.
  
• Strong interpersonal skills to collaborate with IT and business stakeholders.
  
• Ability to write and enforce basic security policies and procedures.
  
• Strong organizational, multi-tasking, and prioritizing skills.
  
• Ability to work independently and apply sound judgment and reasoning skills to a variety of situations, multi-task and collaborate effectively with other personnel to meet deadlines.
  
• Ability to work within critical deadlines.
  
• Ability to communicate affectively across multiple large organizational structures (Verbal / Email / TXT).
  

Work Authorization

Applicants must be currently authorized to work in the US for any employer. Sponsorship is not available for this position.

Physical Requirements

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Essential and marginal functions may require maintaining physical condition necessary for bending, stooping, sitting, walking, or standing for prolonged periods of time; most of time is spent sitting in a comfortable position with frequent opportunity to move about. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by the job include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust focus.

Work Environment

Work is performed in an office setting with exposure to computer screens and requires extensive use of a computer, keyboard, mouse, and multi-line telephone system. The work is primarily a modern office setting.

At all times, Ziply Fiber must be your primary employer. Unless otherwise prohibited by law, employees may not hold outside employment nor be self-employed without obtaining approval in writing from Ziply Fiber. In holding outside employment or self-employment, employees should ensure that participation does not conflict with responsibilities to Ziply Fiber or its business interests.

Diverse Workforce / EEO:

Ziply Fiber is an equal opportunity employer. Ziply Fiber will consider all qualified candidates regardless of race, color, religion, national origin, gender, age, marital status, sexual orientation, veteran status, and the presence of a non-job-related handicap or disability or any other legally protected status.

Ziply Fiber requires a pre-employment background check as conditions of employment. Ziply Fiber may require a pre-employment drug screening.

Ziply Fiber is a drug free workplace.