HASI
Finance
SeniorManager,Cybersecurity
Neural analysis suggests this role is
optimal for Manager candidates.
“Senior Manager, Cybersecurity at HASI. Skills: Enterprise cybersecurity strategy, Security architecture, Security operations, Microsoft 365 security, Cloud security. Define enterprise cybersecurity strategy. Execute enterprise cybersecurity strategy”
Industry & Context.
Root cause analysis
What They're Looking For.
Must Have
5+ years cybersecurity experience, Hands-on security leader, Technical execution focus, Microsoft 365 security ownership, Cloud security experience, Develop security policies, Implement security controls, Manage security operations, Vulnerability management experience, Incident response experience, Develop security strategy, Define security architecture, Lead cybersecurity personnel, CIS hardening baselines, Security GPOs, Secure workstation images, Secure server images, Secure cloud environments, Identity-centric security controls, Secure networking, Logging and monitoring, Automation integration, Infrastructure-as-code integration, SASE implementation experience, DLP implementation experience, IAM implementation experience, PAM implementation experience, Endpoint security implementation, SIEM implementation experience, Zero Trust architecture experience, Develop CIS hardening standards, Enforce CIS hardening standards, Develop security baselines, Enforce security baselines, Develop secure images, Enforce secure images, Experience with SOX, Experience with SOC 2, Lead teams technically, Execution-focused leadership
Nice to Have
CISSP certification preferred, CISM certification preferred, CISA certification preferred, CIS Controls Practitioner preferred, Microsoft Security certifications preferred
What You'll Do.
Define enterprise cybersecurity strategy
Execute enterprise cybersecurity strategy
Maintain enterprise cybersecurity strategy
Define security roadmap
Execute security roadmap
Maintain security roadmap
Define target security architecture
Execute target security architecture
Maintain target security architecture
Establish cybersecurity policies
Enforce cybersecurity policies
Establish technical controls
Enforce technical controls
Embed cybersecurity into architecture
Embed cybersecurity into infrastructure
Embed cybersecurity into cloud platforms
Embed cybersecurity into technology initiatives
Provide risk-based reporting
Configure security technologies
Implement security technologies
Tune security technologies
Lead platform implementation
Manage security platforms
Perform vulnerability identification
Oversee vulnerability identification
Participate in threat detection
Participate in security monitoring
Participate in incident response
Participate in root cause analysis
Participate in post-incident remediation
Manage SOC capabilities
Enhance SOC capabilities
Validate response quality
Own Microsoft 365 security
Manage Microsoft 365 security
Design Conditional Access policies
Implement Conditional Access policies
Design identity protection controls
Implement identity protection controls
Design Zero Trust access models
Implement Zero Trust access models
Implement MDM strategy
Implement MAM strategy
Develop CIS hardening baselines
Implement CIS hardening baselines
Develop security GPOs
Implement security GPOs
Develop secure workstation images
Implement secure workstation images
Develop secure server images
Implement secure server images
Ensure secure configuration
Ensure continuous hardening
Lead secure cloud design
Implement secure cloud configuration
Implement identity-centric security controls
Implement secure networking
Integrate security controls into automation
Integrate security controls into IaC
Integrate security controls into IT delivery
Lead cybersecurity personnel
Mentor cybersecurity personnel
Develop cybersecurity personnel
Drive continuous improvement
How You'll Work.
Team & Collaboration
Peer technology functions; Risk stakeholders; Compliance stakeholders; Legal stakeholders; Business stakeholders
Communication Scope
Risk reporting
Process & Methodology
Roadmap planning
Full Job Description
## Description About HASI HASI is an investor in sustainable infrastructure assets advancing the energy transition. With more than $16 billion in managed assets, our investments are diversified across multiple asset classes, including utility-scale solar, storage, and onshore wind; distributed solar and storage; RNG; and energy efficiency. We combine deep expertise in energy markets and financial structuring with long-standing programmatic client partnerships to deliver superior risk-adjusted returns and measurable environmental benefits. HA Sustainable Infrastructure Capital, Inc. is listed on the New York Stock Exchange (Ticker: HASI). For more information, please visit hasi.com. Position Summary The Sr. Manager, Cybersecurity is a hands-on technical leader responsible for defining, leading, and executing the organization’s enterprise cybersecurity strategy, architecture, and daily security operations. This role combines strategic ownership with direct technical execution, requiring active involvement in designing, implementing, configuring, and maintaining security controls across the enterprise. This role operates as a core member within the Digital Technology Organization (DTO), working in close alignment with peer technology functions while engaging collaboratively with risk, compliance, legal, and business stakeholders. The position ensures the confidentiality, integrity, and availability of HASI’s information assets while aligning cybersecurity initiatives with business objectives, regulatory requirements, and industry best practices. Beyond governance and oversight, this role is deeply engaged in security engineering and operations, including tool deployment, control configuration, vulnerability management, and incident response. A strong emphasis is placed on Microsoft 365 and cloud security, with expectations to operate directly within platforms to implement and optimize controls. The Sr. Manager owns the adoption and execution of cybersecurity framew
Applying for this Senior Manager, Cybersecurity role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Lever
- Lever uses a streamlined one-page form — apply in under 5 minutes.
- LinkedIn import works well; review parsed data before submitting.
- The cover letter field is optional but visible to reviewers — use it to differentiate.
- Referral codes from employees can significantly boost visibility of your application.
ANONYMOUS · UNFILTERED
What do employees actually say about HASI?
Real rants from real employees. Read before you apply.