Cybersecurity & Privacy Manager
We are Diversified, a global B2B events and media company that strengthens business communities by fostering a space, in person and online, for professionals and businesses to connect and grow. The company serves as a trusted partner across several industries including active lifestyle, business management, clean energy, commercial marine, healthcare, seafood, technology and more. Established in 1949 and headquartered in Portland, Maine, the global company has divisions and offices around the world in Australia, Canada, Hong Kong and the United Kingdom. Diversified is a third-generation, family-owned business. Join our team as a Cybersecurity and Privacy Manager! This role is based in our Portland, ME office on a hybrid schedule with 2 days per week on-site. For candidates not located within a commutable distance to our office, Diversified may choose to consider remote work options. ABOUT THE ROLE As our Cybersecurity and Privacy Manager, you'll own the strategy and day-to-day execution of the information security and data privacy program that protects a global portfolio of live events and media brands. You'll work closely with the VP of Technology & Security and collaborate across IT, legal, and business teams, giving you both the executive visibility and the cross-functional reach to drive real impact. This is a rare opportunity to lead with both technical depth and human-centered purpose at a company where your work directly safeguards the communities we serve. WHAT YOU'LL DO Security Program Leadership: Develop and manage the enterprise information security strategy, framework, and roadmap — including controls, policies, standards, and procedures across on-premises, cloud, and hybrid environments. Incident Response & Resilience: Lead incident response efforts and keep disaster recovery and business continuity plans current; coordinate with third-party vendors, forensic investigators, and internal stakeholders when it matters most. Threat & Vulnerability Management: Oversee vulnerability assessments, penetration testing, risk assessments, and security audits; monitor the evolving threat landscape and present regular program efficacy reports to senior leadership. Privacy Program Management: Build and maintain the organization's privacy controls, policies, and procedures; manage data subject access requests and privacy incidents; and stay ahead of changes in regulations like GDPR, HIPAA, and applicable state privacy laws. Vendor & Budget Oversight: Manage relationships with security and privacy vendors, negotiate contracts and SLAs, and steward the program budget — identifying cost-saving opportunities without compromising protection. Security Infrastructure Management: Oversee and optimize the security technology stack, including firewalls, IDS/IPS, SIEM, and endpoint protection platforms. Team Leadership & Awareness: Directly manage and mentor the IT Security and Privacy Analyst, set clear objectives, support professional development, and build security awareness training programs that resonate with employees across the organization. WHAT YOU'LL BRING Experience & Leadership: 5+ years of progressive information security or cybersecurity experience, including at least 2 years in a supervisory or leadership role, with a track record of building and maturing security programs. Technical Depth: Advanced knowledge of Microsoft Azure and Microsoft 365, identity and access management, network security principles, SIEM, IDS/IPS, endpoint protection, and vulnerability assessment and penetration testing tools. Cloud & Modern Security Practices: Familiarity with multi-cloud environments, Cloud Security Posture Management (CSPM) tools, DevSecOps practices, secure SDLC principles, and AI/ML security concepts including prompt injection risks. Privacy & Compliance Knowledge: Intermediate-to-advanced understanding of privacy legislation and regulatory frameworks — including GDPR, HIPAA, and state privacy laws — with experience evaluating vendor contracts and managing data subject requests. Frameworks & Certifications: Familiarity with one or more frameworks like NIST CSF, ISO 27001, and CIS Controls; certifications such as CISSP, CISM, CIPP, or CRISC are preferred Communication & Influence: Strong written and verbal communication skills, with a proven ability to translate complex security topics for non-technical audiences and present confidently to senior leadership. Judgment & Confidentiality: Sound analytical and problem-solving instincts, the ability to manage competing priorities, and the discretion to handle sensitive issues with appropriate care. TRAVEL This role includes occasional travel to support on-site technology needs at Diversified events and other business opportunities. WHY DIVERSIFIED? Work Environment: We offer the flexibility to work fully remote or enjoy a hybrid work schedule. Let our culture speak for itself. Work-Life Balance: Generous paid time off programs including vacation, sick leave and paid family and medical leave. Training & Development: From training conferences to professional development seminars, we invest in resources, including LinkedIn Learning for all staff, that empower employees to excel in their careers. Comprehensive Healthcare: Inclusive benefits beyond traditional healthcare coverage, including no-cost-to-you services. Free access to all employees and their families to a national network of licensed clinical psychologists, interactive self-paced programs, life coaches and 24/7 support. Wellness Benefits: Employees can earn credit towards their health insurance premiums by engaging in our Wellness Program which supports physical, mental, and emotional well-being through offering fitness challenges, webinars, and nutrition education. We are dedicated to creating, promoting, and nurturing a safe & inclusive work environment and we expect the same from each of our employees. We value diverse talents and welcome individuals with unique backgrounds, working styles, and skillsets. We believe that our differences make us a better team and stronger community by allowing us to make better decisions, be more innovative, and better serve our customers and business partners. We invite you to learn more about us.