Sr. IT Cyber Security Manager

Sr.

IT Cyber Security Manager

Location:  Houston, Texas (Onsite)

About Bray International

Bray International is a leading provider of industrial valves, actuators, and related control products, offering innovative flow control solutions worldwide.

As a privately-owned business with over 30 years of engineered excellence, Bray is known for its commitment to excellence, integrity, and collaboration.

Join our team to become part of a dynamic, forward-thinking organization shaping the future of flow control solutions.

 

Role Overview:

The Sr.

IT Cyber Security Manager is responsible for developing, implementing, and managing a robust cybersecurity program aligned with the NIST Cybersecurity Framework and defense-in-depth methodology.

This role ensures the protection of the Bray's global IT infrastructure, data, and applications through strategic security architecture, operational controls, and compliance management.

The manager leads cross-functional teams to deploy and maintain advanced security technologies, including Palo Alto firewalls, Cisco networking stacks, Office 365, Azure security tools, Zscaler, and drives security awareness and compliance globally.

 

Key Responsibilities


* Security Framework & Strategy



* Develop and maintain cybersecurity policies and procedures based on the NIST Cybersecurity Framework to ensure comprehensive risk management and regulatory compliance.


* Implement a defense-in-depth security strategy that layers multiple security controls across the network, endpoint, application, and data layers.


* Translate business risk requirements into technical security controls and metrics for ongoing performance monitoring


* Conduct annual penetration testing in accordance with NIST guidelines to proactively identify exploitable vulnerabilities in organizational systems, networks, and applications


* Establish and maintain a continuous vulnerability management program, including periodic vulnerability scanning of systems and applications, timely identification of new vulnerabilities, and prompt remediation in line with NIST requirements.

Network & Infrastructure Security


* Oversee the configuration, deployment, and management of Palo Alto firewalls to safeguard network perimeters and internal segments.


* Configure port security, DHCP snooping, and dynamic ARP inspection to prevent MAC flooding, rogue device access, and layer-2 attacks


* Deploy 802.1X authentication for network access control (NAC), integrating with Cisco Identity Services Engine (ISE) for dynamic policy enforcement


* Macro-Segmentation: Use VRFs and VLANs to isolate high-risk zones (e.g., IoT, guest networks) from core enterprise systems


* Micro-Segmentation: Enforce granular policies via Cisco TrustSec/Security Group Tags (SGTs), limiting east-west traffic between workloads based on identity/context


* Use NetFlow/IPFIX to baseline normal traffic patterns and detect anomalies (e.g., late...