Security Operations Manager

ABOUT CIM GROUP

CIM is a community-focused real estate and infrastructure owner, operator, lender, and developer. Our team of experts works together to identify and create value in real assets, benefiting the communities in which we invest. Back in 1994, our three founders focused on projects in Southern California neighborhoods. Today, we are a diverse team of 900+ employees with projects across the Americas.

Our projects have delivered jobs; created comfortable places to live, work, and relax; and provided necessary and sustainable infrastructure. Our focus on enhancing communities is unwavering, and we strive to make an even greater impact in the years to come. Join us and make an impact today!

The Security Operations Manager is accountable for CIM's readiness to prevent, respond to, and recover from cybersecurity incidents. This role is accountable for CIM's cybersecurity posture by ensuring the appropriate controls are in place, our user population has the necessary cybersecurity training, and the day-to-day management of cybersecurity threats are handled appropriately. The Security Operations Manager partners closely with Engineering, Support, Compliance, and Product teams to ensure controls are effective, risks are actively managed, and operations support overall business continuity and resilience objectives.

This role plays a critical part in protecting our customers, employees, and operations, while enabling the business to grow securely and confidently.

• Ensure security alerts and anomalous activities are continuously monitored, accurately logged, and escalated in accordance with established procedures.
• Lead and coordinate timely, effective response to cybersecurity incidents to minimize business impact.
• Support restoration of affected systems and services following cybersecurity incidents, including leading forensic investigations as required.
• Research emerging threats and attack vectors, and implement appropriate countermeasures to continuously strengthen the organization’s security posture.
• Coordinate internal and external penetration testing activities to identify and remediate exploitable weaknesses.

• Ensure protective security controls are implemented and operating effectively to reduce risk exposure.
• Coordinate with compliance and IT teams to design, implement, and maintain operational security controls.
• Support asset cataloging and ownership alignment to ensure accountability for systems, data, and security controls.
• Execute quarterly User Access Reviews across the application portfolio in an efficient manner.
• Respond to external audit and compliance questionnaires, providing accurate and timely security documentation and evidence.

• Ensure employees, vendors and/or contractors with access to systems and data are appropriately trained in relevant security awareness and individual security responsibilities.
• Design, manage, and enforce the organization’s security awareness program, including the execution of recurring phishing simulation campaigns.
• Support the development, testing, and ongoing improvement of Disaster Recovery plans to ensure the organization can effectively respond to and recover from disruptive events, including cybersecurity incidents.
• Serve as a trusted security advisor to internal teams, raising awareness and providing guidance to help protect products, systems, and services from known and emerging threats.

• Ability to produce executive reporting to illustrate Cybersecurity posture and areas for improvement.
• Ability to communicate and present ideas and recommendations effectively to Technology management.
• Ability to translate Cybersecurity information into a manner that end users can understand.

• None.

• Minimum 8 years of Cybersecurity analyst/management experience.
• Bachelor's Degree in a technical field required.
• CISSP or CISM certification strongly preferred.
• Formal training in Cybersecurity governance, risk, and compliance (GRC).
• Understanding of…