Senior Manager, Cybersecurity

Position Summary

The Sr. Manager, Cybersecurity is a hands-on technical leader responsible for defining, leading, and executing the organization’s enterprise cybersecurity strategy, architecture, and daily security operations. This role combines strategic ownership with direct technical execution, requiring active involvement in designing, implementing, configuring, and maintaining security controls across the enterprise.

This role operates as a core member within the Digital Technology Organization (DTO), working in close alignment with peer technology functions while engaging collaboratively with risk, compliance, legal, and business stakeholders. The position ensures the confidentiality, integrity, and availability of HASI’s information assets while aligning cybersecurity initiatives with business objectives, regulatory requirements, and industry best practices.

Beyond governance and oversight, this role is deeply engaged in security engineering and operations, including tool deployment, control configuration, vulnerability management, and incident response. A strong emphasis is placed on Microsoft 365 and cloud security, with expectations to operate directly within platforms to implement and optimize controls.

The Sr. Manager owns the adoption and execution of cybersecurity frameworks, including CIS Controls, leads cybersecurity personnel, and drives continuous improvement across security operations, awareness, and technology platforms.

Key Responsibilities

Cybersecurity Strategy, Architecture & Governance

• Define, execute, and maintain HASI’s enterprise cybersecurity strategy, roadmap, and target security architecture.
• Establish and enforce cybersecurity policies, standards, and technical controls aligned to NIST CSF, CIS Controls, and regulatory requirements.
• Ensure cybersecurity is embedded into enterprise architecture, infrastructure design, cloud platforms, and technology initiatives from inception.
• Provide regular, risk-based reporting on cybersecurity posture, control maturity, and emerging threats to executive leadership.

Hands-On Security Engineering & Operations

• Serve as a hands-on security leader, actively configuring, implementing, and tuning security technologies and controls.
• Lead the implementation and ongoing management of security platforms including SASE, DLP, IAM, PAM, endpoint protection, SIEM, and network security solutions.
• Perform and oversee vulnerability identification, remediation, and validation across infrastructure, cloud, endpoints, and applications.
• Actively participate in threat detection, security monitoring, incident response, root cause analysis, and post-incident remediation.
• Manage and enhance SOC capabilities, including direct oversight of MSSPs and validation of alerts, detections, and response quality.

Microsoft 365 & Endpoint Security Ownership

• Own and manage security across the Microsoft 365 ecosystem, including Entra ID (Azure AD), Exchange Online, SharePoint, OneDrive, Teams, and Defender platforms.
• Design, implement, and maintain Conditional Access policies, identity protection controls, and Zero Trust access models.
• Lead Mobile Device Management (MDM/MAM) strategy and implementation using Microsoft Intune, including device compliance, application protection, and data loss prevention controls.
• Develop, implement, and maintain CIS hardening baselines, security GPOs, and standardized secure workstation and server images.
• Ensure secure configuration and continuous hardening of Microsoft and endpoint environments in alignment with CIS benchmarks.

Cloud & Infrastructure Security

• Lead secure design and configuration of cloud environments (Azure, AWS), with a strong focus on defense-in-depth and least privilege.
• Implement identity-centric security controls, secure networking, logging, and monitoring across hybrid and cloud-native environments.
• Ensure security controls are integrated into automation, infrastructure-as-code, and modern IT delivery practices.

Leadership & Team Development

• Lead, mentor, and develop a team of cybersecurity professionals, while remaining technically engaged and hands-on.
• Establish clear expectations that balance strategic ownership with operational execution.
• Foster a culture of accountability, continuous improvement, and strong security engineering discipline.

Cross-Functional Collaboration & Awareness

• Partner with IT, risk, compliance, legal, and business teams to design solutions that are secure, scalable, and compliant
• Act as a trusted technical advisor on cybersecurity risks, control design, and mitigation strategies
• Drive organization-wide security awareness and training programs to improve cyber hygiene and reduce human risk

Qualifications

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field
• 10+ years of progressive experience in cybersecurity or information security, with significant hands-on technical responsibility
• Demonstrated experience personally implementing and configuring security technologies, not solely managing teams or vendors
• Deep expertise in Microsoft 365 security, including Conditional Access, Intune (MDM/MAM), Defender, identity protection, and tenant hardening
• Strong experience implementing SASE, DLP, IAM, PAM, endpoint security, SIEM, vulnerability management, and Zero Trust architectures
• Proven experience developing and enforcing CIS hardening standards, security baselines, GPOs, and secure images.
• Experience with regulatory and compliance requirements (e.g., SOX, SOC 2)
• Ability to lead teams while remaining technically hands-on and execution-focused
• Excellent communication skills with the ability to translate technical risk into business impact
• Relevant certifications preferred: CISSP, CISM, CISA, CIS Controls Practitioner, Microsoft Security certifications, or equivalent