Cybersecurity and Compliance Manager

OVERVIEW

Cadrex is seeking a highly skilled and experienced Cybersecurity and Compliance Manager to join our team. As the Cybersecurity and Compliance Officer, you will be responsible for developing and implementing robust cybersecurity measures and ensuring IT related regulatory compliance. This role requires a strong understanding of cybersecurity best practices such as NIST publications, compliance frameworks such as CMMC, and risk management methodologies. The ideal candidate will possess excellent leadership and communication skills, with a proven ability to develop and maintain effective security policies and procedures.

KEY RESPONSIBILITIES

• Develop and implement a comprehensive cybersecurity strategy to protect the organization's sensitive data, information systems, and networks
• Stay up to date with emerging cyber threats, vulnerabilities, and industry best practices to proactively identify and mitigate potential risks. Define and enforce security policies, standards, and procedures, ensuring compliance with applicable regulations and industry standards (e.g., GDPR, HIPAA, ISO 27001, NIST, CMMC)
• Conduct regular audits and assessments to evaluate the effectiveness of security controls, identify vulnerabilities, and recommend corrective actions
• Collaborate with cross-functional teams to design and implement security measures, including network security, access controls, encryption, data loss prevention, and incident response
• Lead the incident response process, including investigation, containment, mitigation, and recovery, in the event of a cybersecurity incident or breach
• Conduct regular security awareness and training programs to educate employees on cybersecurity best practices and ensure a culture of security awareness
• Establish and maintain relationships with external stakeholders, such as regulatory bodies, auditors, vendors, and law enforcement agencies, to facilitate compliance and information sharing
• Monitor and analyze security logs, reports, and alerts to identify and respond to potential security incidents in a timely manner
• Collaborate with internal teams to develop and maintain business continuity and disaster recovery plans, ensuring the organization's ability to quickly recover from a cybersecurity incident
• Stay informed about current and emerging cybersecurity technologies, trends, and regulatory changes, and provide recommendations for their adoption and implementation

PREFERRED QUALIFICATIONS

• Extensive experience in cybersecurity, information security, or a similar role, with a focus on compliance management
• Strong knowledge of cybersecurity frameworks (e.g., NIST Cybersecurity Framework, CIS Controls) and industry standards (e.g., ISO 27001, PCI DSS)
• Familiarity with applicable privacy and data protection regulations (e.g., GDPR, CCPA). Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Privacy Professional (CIPP) are highly desirable
• Proven experience in developing and implementing security policies, procedures, and standards
• Deep understanding of network security, firewalls, intrusion detection/prevention systems, endpoint protection, vulnerability management, and other security technologies
• Experience in conducting risk assessments, security audits, and compliance assessments
• Strong analytical and problem-solving skills, with the ability to assess complex security issues and provide practical recommendations
• Excellent communication skills, with the ability to convey complex security concepts to technical and nontechnical stakeholders
• Strong leadership and team management abilities, with a track record of building and leading high performing security teams

EDUCATION

• Bachelor’s degree in computer science, IT, or related field. 

LOCATION

• Remote with travel up to 25%

SCHEDULE

• M-F

TOTAL COMPENSATION INCLUDES

• Health/dental/vision coverage
• Employer-paid and supplemental life insurance
• Short- and long-term disability insurance
• Generous paid time off and holiday pay
• Monthly remote work stipend (for remote employees who qualify)
• 401(k) investment plan, with an employer match of up to 4%
• Education support program
• Safety eyeglasses/shoe reimbursement
• Referral bonuses
• Bonus plan for all full-time employees 

CADREX’S CORE VALUES

• Safety first, rising to the challenge, collaboration, accountability, and doing the right thing

ABOUT US

CADREX Manufacturing Solutions is a leading provider of complex sheet metal and machined production parts, assemblies, and weldments for a variety of end markets, including electrical transmission and distribution, warehouse automation, technology, aerospace & defense, medical, food, and industrials. With locations in Colorado, Pennsylvania, Illinois, Washington, Wisconsin, Minnesota, Michigan, Indiana, Massachusetts, Oklahoma, and Monterrey Mexico, CADREX offers numerous in-house manufacturing capabilities, including laser cutting, sheet metal fabrication, complex assembly, CNC punching, CNC machining, forming, robotic welding, stamping, fastener insertion, and tool and die manufacturing, to effectively serve customers with lights-out manufacturing capabilities for mid- to high-volume production. For more information, visit www.cadrex.com. 

Cadrex provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.