CybersecurityJobs.io

Job Description

The Norland Group seeks a Senior Cybersecurity Program Manager to lead the development and ongoing maintenance of IT security policies, steer enterprise cybersecurity programs, governance, risk and compliance efforts, and collaborate with cross-functional teams to mature the organization’s security posture.

Compensation

USD 85 - 95 per hour

Location

San Jose, CA onsite (five days per week)

Responsibilities

  • Develop and document comprehensive IT security policies, standards, and procedures from the ground up
  • Collaborate with IT and Security teams to identify policy gaps and requirements
  • Draft and maintain enterprise-wide security policies covering access control, data protection, incident response, and other critical areas
  • Ensure all policies and procedures align with regulatory requirements, compliance frameworks, and industry best practices
  • Regularly review and update existing policies to reflect organizational changes and evolving threats
  • Establish clear, enforceable standards that are communicated and understood across technical and non-technical teams
  • Document procedures with step-by-step guidelines for consistent implementation across departments
  • Conduct periodic audits of policy compliance and recommend updates based on findings and lessons learned
  • Facilitate policy review cycles and stakeholder approvals
  • Develop, establish, and maintain enterprise-wide cybersecurity programs aligned with business objectives and best practices
  • Create and execute multi-year cybersecurity roadmaps and strategic plans
  • Define program objectives, metrics, and key performance indicators to measure effectiveness
  • Identify emerging threats and trends and adjust program strategies accordingly
  • Manage program budgets and allocate resources to optimize utilization
  • Lead and collaborate with IT, Security Operations, Risk Management, Compliance, and business unit leaders
  • Establish governance frameworks and decision-making processes for cybersecurity initiatives
  • Coordinate with external stakeholders, vendors, and third-party service providers
  • Facilitate communication between technical and non-technical teams to ensure program understanding
  • Promote cybersecurity culture and awareness across the organization
  • Ensure compliance with applicable regulatory requirements such as CCPA, CPRA, SOC 2, and CMMC
  • Conduct and oversee risk assessments, vulnerability assessments, and penetration testing programs
  • Develop and maintain security policies, procedures, and standards
  • Monitor and report on security posture and compliance status to executive leadership and the Board
  • Lead incident response planning and coordination during security incidents
  • Oversee design, deployment, and optimization of security tools, technologies, and controls
  • Manage security architecture reviews and technology evaluations
  • Drive continuous improvement initiatives within the cybersecurity program
  • Document program processes, procedures, and operational guidelines
  • Ensure effective program documentation and knowledge management
  • Provide executive leadership with regular updates on program status, risks, and achievements
  • Develop and present compliance metrics, dashboards, and reports to senior management
  • Communicate compliance requirements and implications to business stakeholders
  • Escalate critical issues and risks appropriately

Requirements

  • 10+ years of experience in cybersecurity, including at least 5 years in a program management or leadership role
  • Proven track record writing, developing, and maintaining IT security policies, standards, and procedures from scratch
  • Demonstrated ability to collaborate with IT and security teams to create comprehensive policy documentation
  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field
  • Deep knowledge of cybersecurity frameworks and standards (NIST CSF, ISO 27001, CIS, SOC 2, CMMC Controls)
  • Experience with security governance and policy development
  • Expertise in risk management and compliance requirements across regulated industries
  • Strong understanding of security controls, threat modeling, and vulnerability management
  • Proficiency in program management methodologies (Agile, Waterfall)
  • PMP or a similar project management certification
  • Excellent project management skills with the ability to manage multiple complex initiatives simultaneously

Technologies

  • NIST CSF
  • ISO 27001
  • CIS
  • SOC 2
  • CMMC Controls

Job Details

Job Posted Date: 6/22/2026
