Position Overview:
This role will report to the Division Director of Information Security, supporting cyber and information security initiatives across North America. This role is hybrid and flexible.
Key Responsibilities:
- Lead key initiatives within the Division's Information Security strategy, working closely with Division and Global teams.
- Investigate and resolve cybersecurity incidents in collaboration with Network, Infrastructure, Global SOC, and the Division Director.
- Manage the annual NIST CSF assessment process, including issue tracking and implementing corrective actions.
- Oversee penetration testing, vulnerability scanning, and remediation efforts, providing guidance to Infrastructure teams.
- Offer security assessments and expert advice for critical projects such as Power BI and ERP system upgrades.
- Manage IT supply chain security processes, including vendor assessments and improvements in SaaS/application inventory controls.
- Contribute to the development and direction of security solutions, including IAM, SASE, and Zero-Trust architectures.
- Assist in promoting cybersecurity awareness through communication and training for both IT teams and end users.
- Collaborate with the Division Director to define and track KPIs and SLAs.
- Support the continuous improvement of cybersecurity policies and procedures at the Division and Global levels.
- Stay current on the latest cybersecurity trends, best practices, and emerging threats.
Qualifications:
- Bachelor's Degree required.
- 6+ years of experience in information security.
- Relevant certifications (CISSP, CCSP, CISM, or similar).
- Experience in large manufacturing/distribution environments, preferably with distributed/global teams.
- Familiarity with cybersecurity/privacy frameworks.
- Experience with penetration testing, vulnerability assessments, and remediation.
- Knowledge of SecDevOps, secure SDLC, network security (NGFW, SASE, Zero-Trust, EDR), and cloud security (Azure, AWS, Google).