Job Title: Corporate Director, Cyber Security
Berwyn, PA, US, 19312
This position is based full time out of our Corporate headquarters in Berwyn, PA. A full relocation package is available for the selected candidate.
Position Summary:
The Corporate Director of Cyber Security is a key leader in identifying and mitigating potential security risks and threats. The ideal candidate will be responsible for maintaining a global, enterprise-wide information security management program to ensure that information assets are adequately protected. This includes continued development and maintenance of information security policies, standards, procedures, and guidelines to ensure the confidentiality, integrity, and availability of information. The Director will monitor and analyze security events and incidents, investigate security breaches, and initiate appropriate response and recovery actions. This position reports directly to the CIO and works closely with the company’s executive leaders, IT teams, and business units.
Key Responsibilities:
- Strategic Leadership:
  - Develop, implement, and oversee a comprehensive enterprise information security strategy, policy, and program.
  - Align the security strategy with business objectives and ensure security policies, standards, and practices are embedded across the organization.
  - Ensure that the company meets the requirements of relevant external regulators.
  - Provide guidance and leadership on security best practices to senior management and the Board of Directors.
- Risk Management:
  - Lead the identification, assessment, and prioritization of security risks; recommend appropriate risk mitigation strategies.
  - Conduct security risk assessments and audits to ensure the effectiveness of security controls.
  - Manage third-party risks and ensure secure relationships with vendors and partners across the company’s entire vendor base and supply chain.
  - Manage external assessments of the company’s cyber posture and ensure defects are remediated.
- Governance and Compliance:
  - Ensure compliance with industry standards and regulations such as GDPR, HIPAA, SOX, PCI-DSS, CMMC, NERC and other relevant legal and regulatory frameworks.
  - Ensure that emerging cyber requirements, including data sovereignty and residency, are tracked in all countries in which the company operates, and implement approaches that meet the requirements and business needs.
  - Establish and enforce security policies, procedures, and governance frameworks that meet corporate and regulatory requirements.
  - Oversee security audits and external assessments.
- Incident Response and Threat Management:
  - Develop and maintain the organization’s incident response and disaster recovery plans.
  - Lead the response to security incidents and breaches, ensuring the protection of critical systems and sensitive data.
  - Manage the Cyber Incident Response team.
- Security Operations:
  - Oversee security operations, including monitoring, detection, and response to security threats and vulnerabilities.
  - Specify, design, implement and manage appropriate security technologies.
  - Manage the company’s Security Operations Center (SOC).
- Team Management:
  - Build, manage, and lead a team of information security professionals.
  - Develop and oversee security training programs to raise awareness among employees.
  - Foster a culture of security across the organization.
- Innovation and Technology:
  - Stay up to date with emerging security threats and technology trends, adapting the organization’s security strategy as necessary.
  - Identify and implement appropriate security technologies and tools to protect the organization’s assets.
  - Lead initiatives for the continuous improvement of security systems and processes.
Qualifications:
- Education and Experience:
  - Bachelor’s or Master’s degree in Information Security, Cybersecurity, Information Technology, or a related field.
  - 15+ years of experience in information security roles, including 7+ years in leadership or executive positions.
  - Experience in a multinational manufacturing company operating in regulated industries.
  - Proven track record in implementing and managing information security programs at a senior level.
  - Relevant cybersecurity certifications.
Nearest Major Market: Philadelphia