Cybersecurity Manager bei Heaven Hill Brands

This position can be based out of our Louisville, KY, or Bardstown, KY office.

What the Role Is

Heaven Hill Brands is seeking a Cybersecurity Manager to lead and enhance our cybersecurity posture. This leadership role brings strong interpersonal capabilities to foster a proactive, business-aligned security culture.  This role requires a leader who is collaborative, adaptable, and skilled at balancing evolving business needs with risk-informed decision-making.

The ideal candidate is both a strategic thinker and tactical executor with a passion for cybersecurity innovation, a sharp ability to size risk and make security decisions aligned with Heaven Hill's unique operational needs, and a collaborative spirit to work across all levels of the organization. 

How Will You Spend Your Time?

Leadership & Strategic Planning

• Provide strategic direction and day-to-day leadership for the Cybersecurity team, including mentoring and performance management.
• Define and execute a Cybersecurity roadmap aligned with organizational goals and regulatory requirements.
• Collaborate cross-functionally to prioritize security initiatives and communicate risk-based decisions.
• Continuously assess and size risks specific to Heaven Hill's business and technical environments, making timely and informed decisions to balance protection, compliance, and agility.
• Champion the security vision and ensure alignment with the company’s broader values and strategic objectives.

Program & Project Management

• Lead initiatives related to access management, incident readiness, cyber resilience, and regulatory preparedness, ensuring they are delivered on time and with clarity.
• Develop and maintain detailed project plans, timelines, and performance metrics.
• Partner with PMO teams and business stakeholders for seamless execution.
• Set expectations for outcomes, maintain progress visibility, and remove barriers to success.
• Manage cross-functional efforts with humility, persistence, and focus on results.  

Governance, Risk & Compliance

• Align programs to frameworks such as NIST Cybersecurity Framework 2.0, ISO/IEC 27001, and CIS Benchmarks.
• Lead periodic Cybersecurity assessments and ensure timely remediation of findings.
• Oversee policy creation, updates, and compliance enforcement across departments.
• Cultivate awareness of potential risks across business functions and help teams make well-informed, timely decisions.
• Promote transparency and shared ownership of compliance and audit outcomes.

Who You Are…

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or equivalent experience.
• 3+ years’ progressive experience in cybersecurity with people management or leadership accountability.
• Strong written and verbal communication skills tailored to varied audiences.
• Demonstrated agility and adaptability in responding to fast-changing business and technical environments.
• Ability to manage multiple priorities while maintaining composure and direction.
• Proven ability to analyze and size organizational risk, and translate those assessments into actionable, business-relevant decisions.

Valued but not Required Skills and Experience:

• Experience in the manufacturing industry
• CISSP Certification (active and in good standing) 

Physical Requirements

While performing job duties, the employee is occasionally required to stand; walk; use hands and fingers to handle or feel objects, use of computer; and reach with hands and arms. Employee must occasionally lift and/or move up to 20 pounds. 

Benefits

• Paid Vacation
• 11 Paid Holidays
• Health, Dental & Vision eligibility from day one
• FSA/HSA
• 401K match
• EAP
• Maternity/Paternity Leave

Heaven Hill and its affiliates are committed to fostering a diverse workforce as an Equal Employment Opportunity company. We invite applications from candidates of all backgrounds, without regard to race, religion, color, sex, sexual orientation, natural origin, gender identity or expression, age, disability, veteran status, or any other legally protected characteristic.