Overview
The Retail and Hospitality ISAC (RH-ISAC) works with cybersecurity teams to transform the way companies mature capabilities and collaborate to reduce the risk of cybercrime. Its mission is to be the most trusted voice in cybersecurity intelligence and information sharing for consumer-facing industries. The RH-ISAC serves the retail and hospitality sectors with members in traditional retail, online commerce, restaurants, hotels, gaming casinos, consumer product manufacturers and other consumer-facing industries.
The Cyber Research Manager reports to the Director of Engagement, Research & Analytics and is responsible for maturing the RH-ISAC research program as the go-to place for cybersecurity insights in retail, hospitality, and travel. Through benchmarks, surveys, and requests for information (RFIs), this role will facilitate learning among members via written reports, webinars, working group presentations, and 1:1 consultations when necessary. This person will work closely with internal and external stakeholders to identify projects and desired outcomes, appropriately schedule and budget initiatives, and develop strategic insights that support content and engagement strategies.
Major Duties and Responsibilities
- Independently manages and executes research initiatives (e.g., benchmarks, surveys) through all phases of the research process. This includes managing large-scale research projects and partners across all phases: planning and design, data collection and analysis, production, review, and presentation of final deliverables.
- Annual benchmarks include (but not limited to): CISO Benchmark, InfoSec Org Chart Benchmark, and Tools & Technology Benchmark. Surveys include: cyber-specific topics of interest (e.g., cyber insurance, IAM, vulnerability management, fraud, and other working group needs), as well as member satisfaction surveys.
- Owns and proactively manages the RFI process, including coordination with internal RH-ISAC teams to provide timely, relevant answers and resources. This includes the Cyber Threat Intel (CTI) team for advanced technical data on threats or incidents, and the Engagement, Research & Analytics team for working group outputs/initiatives and Associate Member expertise, as needed.
- Actively develops member relationships and facilitates engagement among members to participate and respond to RFIs. This includes targeting specific audiences for promotion and awareness, making 1:1 connections among members when necessary, and writing summary reports for RFIs that generate substantial responses.
- Manages relationships with the CISO Benchmark Taskforce and works closely with the Intel & Engineering Advisory Committee and working group champions to set strategic research goals and design research initiatives that meet member needs and advance community learning and knowledge share.
- Works closely with Associate Members, research and education partners (e.g., IANS Research, SANS Institute), and industry partners to execute on said initiatives via benchmarks and surveys, and publishes co-branded written reports and presentations.
- Collaborates with the internal marketing team for campaigns and promotion, and stays up to date on industry reports, tools, tactics, procedures, vendor capabilities and emerging technology.
- Provides metrics and reporting for all research initiatives (i.e., benchmarks, surveys, RFIs). This includes tracking member participation, topics of interest over time, and unanswered and repeat RFIs; able to identify subject matter experts among membership.
- Additional relevant and necessary duties to ensure the effectiveness of the ISAC organization in delivering knowledge and insights to members.
The Ideal Candidate Will Have:
- Cybersecurity background and experience is required (e.g., programs, practices, tools).
- Depth and breadth of knowledge across multiple security domains such that they will be seen as a subject matter expert internally and for our members.
- 3+ years of relevant experience conducting qualitative and quantitative research for clients, including survey design, interviews, trends analysis; consulting experience is a plus.
- Ability to leverage diverse data sources to independently identify insights and translate into actionable recommendations that advance member and team knowledge.
- Ability to engage with CISOs and practitioners in meetings, working group sessions, and workshops to critically understand, reframe, and identify key themes.
- Excellent communication and presentation skills - written and verbal.
- Pro-active self-starter who brings new ideas to the table and owns/executes new initiatives with minimal oversight.
- Ability to self-educate; passion for continuous learning to maintain and develop skillsets.
- A history of impeccable maturity and sound judgment.
- A passion for connecting with and supporting members.
- Be detail-oriented, deadline-driven, adaptable, and dependable.
- Ability to work independently, confidently, and creatively in a matrixed environment.
- Be genuine in the desire and willingness to support teammates.
- Lead as well as roll up the sleeves and work alongside staff and member analysts.