Heaven Hill Brands
This position can be based out of our Bardstown or Louisville, KY offices. Candidates located outside of these areas will be required to travel onsite monthly for critical initiatives.
What the Role Is
The Cybersecurity Manager will be responsible for leading and enhancing our cybersecurity posture. This leadership role requires technical expertise, strong communication skills, and proven people management capabilities to oversee the security program at Heaven Hill.
This position serves as both a strategic thinker and tactical executor with a passion for cybersecurity innovation, a sharp ability to size risk and make security decisions aligned with Heaven Hill's unique operational needs, and a collaborative spirit to work across all levels of the organization.
How You Will Spend Your Time?
Leadership & Strategic Planning
Provide strategic direction and day-to-day leadership for the Cybersecurity team, including mentoring and performance management. Define and execute a Cybersecurity roadmap aligned with organizational goals and regulatory requirements. Collaborate cross-functionally to prioritize security initiatives and communicate risk-based decisions. Continuously assess and size risks specific to Heaven Hill's business and technical environments, making timely and informed decisions to balance protection, compliance, and agility.
Program & Project Management
Manage complex, cross-functional security projects across domains like Access Management, Cyber Recovery, and Security Mesh Architecture implementations. Develop and maintain detailed project plans, timelines, and performance metrics. Partner with PMO teams and business stakeholders for seamless execution.
Security Architecture & Operations
Oversee security architecture design and integration across cloud, on-prem, hybrid, and OT (Operational Technology) environments. Guide teams on deploying secure-by-design principles and proactive risk mitigation techniques. Manage and improve incident response protocols and lead investigations during security incidents.
Governance, Risk & Compliance
Align programs to frameworks such as NIST Cybersecurity Framework 2.0, ISO/IEC 27001, and CIS Benchmarks. Lead periodic Cybersecurity assessments and ensure timely remediation of findings. Oversee policy creation, updates, and compliance enforcement across departments.
Key Technical Domains
Access Management: Lead strategy and execution of Identity & Access Management (IAM), including provisioning, authentication, and zero trust models.
Cyber Recovery: Design and implement secure, resilient recovery architecture to support business continuity.
Security Mesh Architecture & Monitoring: Architect and manage federated SIEM environments with real-time threat detection and response capabilities.
Incident Management: Develop robust IR plans, train teams, and ensure readiness through tabletop exercises.