Cybersecurity Manager

Job Title: Cybersecurity Manager

Location: Metairie, LA

Position Overview: We are seeking a highly skilled and experienced Cybersecurity Manager to lead and grow our cybersecurity team at a shipyard supporting critical government contracts. This individual will ensure the confidentiality, integrity, and availability of systems and data in alignment with federal cybersecurity regulations, including DFARS, NIST SP 800-171, and CMMC. The ideal candidate will bring deep knowledge of cybersecurity operations, advanced networking, team leadership, and hands-on experience in securing industrial, maritime, or government-aligned infrastructure.

Key Responsibilities

• Team Leadership: Supervise, mentor, and guide a team of Cybersecurity Analysts, fostering professional development and ensuring the delivery of cybersecurity initiatives.
• Compliance Oversight: Ensure compliance with federal cybersecurity requirements, including DFARS, NIST SP 800-171, and evolving CMMC standards.
• Cybersecurity Program Management: Develop and enforce security policies, standards, and procedures aligned with organizational goals and regulatory obligations.
• Tool Stack Evaluation & Optimization: Continuously assess and optimize the effectiveness of cybersecurity tools (e.g., SIEM, EDR, IDS/IPS, firewalls, vulnerability scanners), with a strong focus on their integration with network infrastructure and traffic monitoring.
• Network Security Architecture: Design and maintain secure network architectures, including segmentation strategies, firewall rule sets, VLANs, VPNs, and secure remote access configurations. Collaborate with IT network engineers to embed security into network design and implementation.
• Risk Management: Conduct network-based threat modeling and vulnerability analysis to identify risks in enterprise and OT environments. Recommend and implement mitigations for network-layer threats, including lateral movement, sniffing, spoofing, and protocol abuse.
• Incident Response: Lead end-to-end incident response efforts, with emphasis on identifying and remediating network-based intrusions, anomalies, and unauthorized data exfiltration. Maintain and test IR plans that incorporate network forensics and traffic analysis.
• Security Training & Awareness: Design and execute training programs to build cybersecurity and network security awareness across the organization.
• Monitoring & Detection: Oversee security monitoring systems, including network traffic analysis tools, to ensure timely detection of intrusions and anomalies. Tune IDS/IPS and SIEM systems based on real-time network insights.
• Cross-Functional Collaboration: Work with IT, engineering, compliance, and operations teams to ensure cybersecurity measures are aligned with both network and system infrastructure.
• Audit & Reporting: Prepare for internal and external audits; deliver concise, actionable reports on security metrics, compliance status, and network security posture to executive leadership.
  
  

Experience

• Team Leadership: Supervise, mentor, and guide a team of Cybersecurity Analysts, fostering professional development and ensuring the delivery of cybersecurity initiatives.
• Compliance Oversight: Ensure compliance with federal cybersecurity requirements, including DFARS, NIST SP 800-171, and evolving CMMC standards.
• Cybersecurity Program Management: Develop and enforce security policies, standards, and procedures aligned with organizational goals and regulatory obligations.
• Tool Stack Evaluation & Optimization: Continuously assess and optimize the effectiveness of cybersecurity tools (e.g., SIEM, EDR, IDS/IPS, firewalls, vulnerability scanners), with a strong focus on their integration with network infrastructure and traffic monitoring.
• Network Security Architecture: Design and maintain secure network architectures, including segmentation strategies, firewall rule sets, VLANs, VPNs, and secure remote access configurations. Collaborate with IT network engineers to embed security into network design and implementation.
• Risk Management: Conduct network-based threat modeling and vulnerability analysis to identify risks in enterprise and OT environments. Recommend and implement mitigations for network-layer threats, including lateral movement, sniffing, spoofing, and protocol abuse.
• Incident Response: Lead end-to-end incident response efforts, with emphasis on identifying and remediating network-based intrusions, anomalies, and unauthorized data exfiltration. Maintain and test IR plans that incorporate network forensics and traffic analysis.
• Security Training & Awareness: Design and execute training programs to build cybersecurity and network security awareness across the organization.
• Monitoring & Detection: Oversee security monitoring systems, including network traffic analysis tools, to ensure timely detection of intrusions and anomalies. Tune IDS/IPS and SIEM systems based on real-time network insights.
• Cross-Functional Collaboration: Work with IT, engineering, compliance, and operations teams to ensure cybersecurity measures are aligned with both network and system infrastructure.
• Audit & Reporting: Prepare for internal and external audits; deliver concise, actionable reports on security metrics, compliance status, and network security posture to executive leadership.
• Must be eligible to obtain and maintain a U.S. Government Security Clearance.
• U.S. Citizenship required due to federal contract obligations.
• On-site presence at the shipyard may be required regularly.
• Occasional participation in after-hours incident response or emergency operations.
  
  

Preferred Certifications

• CISSP, CISM, or CISA
• CompTIA Security , CySA , or CASP
• Certified CMMC Professional (CCP) or Certified CMMC Assessor (CCA)
• GIAC certifications (e.g., GSEC, GCIH, GCIA, GSLC, GNFA)
• Cisco, Palo Alto, or Fortinet networking/security certifications (e.g., CCNP Security, PCNSA)
• ITIL or PMP (a plus)
  
  

Bollinger is an equal opportunity employer and is committed to providing employment opportunities to minorities, females, veterans and disabled individuals, and without regard to sexual orientation and gender identity.