Why Arbella?

At Arbella, we’re focused on people. We work hard to attract and retain the best. That means providing a great work environment, encouraging work/life balance, offering flexible work arrangements, and competitive, industry-leading salaries and benefits packages. We invest in our employees and encourage them to grow so that we, too, can grow as a company.

Other perks include:
•On-site gym and fitness classes and one-on-one personal training
•On-site nurse, nutritional counseling, and mental health resources
•Full-service cafeterias
•Free shuttle service to Quincy Adams T Station
•Tuition assistance programs
•Opportunities to get involved: Arbella Activities Committee, Diversity and Inclusion Council, and more
•A company committed to community: volunteer opportunities, employee- led community efforts, and the Arbella Insurance Foundation
•Robust training, mentorship, and professional/personal development programs
•Colleagues who genuinely care about each other

Arbella is committed to building a workplace that’s diverse, inclusive, and equitable for everyone. We’ve created a culture that supports a diverse workplace where all are valued for their talents and are empowered to reach their full potential.

It’s no wonder our employees have voted Arbella one of the Boston Business Journal’s “Best Places to Work” every year since 2009!

We are seeking a highly experienced and technically proficient Cybersecurity Manager to lead day-to-day security operations and ensure consistent execution of key cybersecurity initiatives.

This role is best suited for a hands-on leader with broad, real-world experience across cybersecurity technologies and domains. The ideal candidate has a proven track record of running security operations, improving processes, and driving remediation efforts to completion. This individual will bring structure, accountability, and follow-through to the team while ensuring alignment with established cybersecurity frameworks such as NIST and CIS.

Key Responsibilities

This role is responsible for the effective operation and continuous improvement of the organization’s cybersecurity program. The Cybersecurity Manager will oversee core security functions—including security monitoring, vulnerability management, identity and access management, endpoint protection, and network security—ensuring that tools and processes are not only in place, but functioning effectively and delivering meaningful results.

A key component of this role is ownership of Security Operations (SecOps). This includes ensuring effective monitoring, detection, and response capabilities across the environment through tools such as SIEM, EDR, and network-based detection platforms. The Cybersecurity Manager will be responsible for ensuring alerts are meaningful and actionable, tuning detections to reduce noise, and establishing consistent processes for triage, investigation, and response. This role also includes strengthening incident response practices, improving visibility across systems, and ensuring that security events are translated into actionable insights and continuous improvements to the organization’s security posture.

Another focus of the role is execution. This individual will take ownership of a prioritized body of work that includes vulnerability remediation, audit findings, and control improvements. Success in this role requires the ability to bring structure to ongoing efforts, ensure work is clearly defined, and drive initiatives through to completion with measurable outcomes. The Cybersecurity Manager will be expected to identify where efforts are stalling and implement the discipline needed to maintain momentum and visibility.

In addition to operational leadership, this role will ensure that security practices are aligned with frameworks such as NIST and CIS in a practical and sustainable way. This includes translating framework requirements into real-world controls, supporting audit activities, and ensuring that remediation efforts are both effective and lasting.

The role also includes oversight of cloud and application security practices. The Cybersecurity Manager will work closely with infrastructure and engineering teams to ensure appropriate controls are in place across cloud platforms, SaaS environments, and internally developed or supported applications.

From a people leadership perspective, this individual will be responsible for building and maintaining a high-performing team. This includes mentoring team members, strengthening technical capabilities, and providing clear performance expectations and feedback. The Cybersecurity Manager will regularly assess team effectiveness, identify skill gaps, and make recommendations to ensure the team is positioned to meet both current needs and near-term priorities.

Required Qualifications:

• 7+ years of cybersecurity experience with strong hands-on technical depth across multiple domains, along with 3+ years in a leadership role.

• Broad, practical experience working with core cybersecurity technologies such as SIEM, EDR, vulnerability management and scanning tools, IAM/PAM solutions, and network security platforms.

• Experience with cloud security (Azure, AWS, or GCP) and familiarity with application security practices.

• Demonstrated ability to drive remediation efforts and operational work to completion.

• Experience aligning security controls to frameworks such as NIST or CIS in a practical, operational way.

• Proven experience managing, mentoring, and developing team members.

Preferred Qualifications:

• Experience with tools such as Rapid7, Microsoft E5 Security (Defender, Entra ID, Purview), Darktrace, CyberArk, and Palo Alto.

• Experience in regulated environments such as financial services or insurance.

• Background in audit support and remediation management.

• Relevant certifications such as CISSP, CISM, or equivalent.

Our current reasonable and good faith estimate of the annual salary or hourly wage range for this position is approximately $160,000 to $180,000 based on a variety of factors including, but not limited to, relevant skills and experience, educational background and certifications, performance and qualifications, market demand for the role and other organizational needs.

Please note: The advertised pay range is not a guarantee or promise of a specific wage.

#LI-MG1