We are seeking a highly skilled Cybersecurity Manager in our Lexington, Kentucky office.

Why Gray?

Gray is a fully integrated, global service provider deeply rooted in engineering, design, and construction, along with smart manufacturing and equipment manufacturing services. Consistently ranked as a leader in the industry, we focus on the following markets for domestic and international customers: Food & Beverage, Manufacturing, Automotive, Distribution, Mission Critical, and Commercial.

Founded in 1960, Gray’s robust offering enables us to create one-of-a-kind solutions at the highest levels of customization, delivering unmatched precision and partnership to some of the world’s most sophisticated organizations. Still, these areas don’t define Gray—our people do. Passion, commitment, and a great team spirit all speak to the team members at Gray.

Position Summary
The Cybersecurity Manager plays a pivotal role in safeguarding Gray’s information assets and infrastructure from evolving cyber threats. Leveraging your experience and in-depth knowledge of information security principles and control processes, you will assist the Director, Information Security in the development, execution, and implementation of the cybersecurity roadmap to ensure consistent, appropriate information security controls are in place and effective across the Gray family of brands.

This role is the information security engineering subject matter expert for Gray and will provide cybersecurity expertise and leadership in the design, evaluation, configuration, and implementation of the IT infrastructure security controls and platforms. As a Cyber Security Manager, you will be a key technical resource to both technical and non-technical stakeholders, ensuring that controls are appropriate and correctly implemented. This position offers an exciting opportunity to contribute to the development and execution of Gray’s information security strategy and the architecture and configuration of security platforms and controls.

Managerial Responsibilities

• Lead and mentor a team of cybersecurity engineers, providing guidance, training, and performance evaluations.
• Develop and implement cybersecurity policies, procedures, and standards to ensure compliance with industry best practices and regulatory requirements.
• Coordinate and oversee cybersecurity incident response efforts, including detection, analysis, mitigation, and forensics.
• Collaborate with other departments to integrate cybersecurity measures into business processes and projects.
• Manage the budget and resources for the cybersecurity team, ensuring efficient allocation and utilization.
• Communicate cybersecurity risks and strategies to senior management and stakeholders.

What we expect… (Essential Functions)

• Serve as technical subject matter expert for the design, configuration and operation of security aspects of Gray’s IT infrastructure components, ensuring they are maintained in accordance with Gray specifications, control frameworks such as NIST CSF, SP800-171, CMMC, and industry best practices.
• Participate in technology and security roadmap decisions, providing architectural guidance for systems that best fit into Gray’s overall IT strategy and business needs.
• Work closely with the IT Operations team to drive the secure implementation, configuration, and maintenance of Gray’s IT platforms and application components such as Microsoft Azure, Microsoft365, Egnyte, and Gray SaaS, IaaS, and PaaS environments.
• Provide cybersecurity incident response support, including detection and analysis, mitigating activities, and facilitating forensics analysis when necessary.
• Research and stay informed of potential information security threats, industry trends, emerging technologies, and response alternatives.
• Perform additional duties as needed.

Who we want… (Requirements)
The Cyber Security Manager has an analytical mind and a detailed understanding of security methodologies. Security Managers are expected to have a meticulous attention to detail, outstanding problem-solving skills, work comfortably under pressure, and deliver on tight deadlines. Other skills/experience needed:

• Bachelor’s Degree in Information Technology, Information Systems, Computer Science, or Engineering Required.
• Certified Information Systems Security Professional (CISSP) or Certified Information Security Analyst (CISA) preferred.
• 8+ years of work experience managing information security platforms and tools.
• Demonstrated experience managing incident detection, incident response, and forensics activities.
• Possess a strong foundation in networking and server, and cloud operating environments and security configurations, penetration testing, and incident response, coupled with hands-on experience in managing security infrastructure components.
• Expertise in incident response processes and tools to detect, analyze, respond, and contain cyber security threats.
• Knowledge of information security standards, data privacy laws, security frameworks.
• Significant awareness of cybersecurity trends and attacker tactics and techniques.
• Outstanding analytical, problem-solving, oral, and written communication skills as well as excellent judgment and self-motivation.
• Proficiency in problem-solving, analytical thinking, and penetration testing and vulnerability scanning methodologies.
• Ability to react quickly, decisively, and deliberately in high-stress, high-impact situations.
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
• Must have a willingness to educate fellow team members, have patience and the capability to provide support as necessary.
• Must be well organized, efficient, detail-oriented, and able to work independently as well as a member of a team.

Physical Demands & Work Environment

The physical demands described here are representative of those that must be met by a team member to successfully perform the essential functions of this job.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions

While performing the duties of this position, the team member is frequently required to stand, walk, sit, use hands, reach with hands or arms and talk or hear.  They may occasionally be required to climb or balance, stoop, kneel, or crouch.  Must occasionally lift and/or move up to 50 pounds.  Specific vision abilities required include close vision.

Generally, normal office environment where noise level is moderate, and temperature/humidity is controlled. Overtime may be required.

EEO Disclaimer

Gray is proud to be an Equal Opportunity Employer and welcomes everyone to apply. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, or protected veteran status and will not be discriminated against on the basis of disability.  

#LI-DG1