North America IT Security Manager
The NA IT Security Manager’s role is to provide vision and leadership for developing and supporting security initiatives.
The NA IT Security Manager directs the planning and implementation of enterprise IT systems, business operations, and facility defenses against security breaches and vulnerability issues.
This individual is also responsible for auditing existing systems, while directing the administration of security policies, activities, and standards.
Responsible for overseeing all aspects of information security, including Cloud Security, DevSecOps, Security Operations, and Security Strategy.
Your role will be pivotal in ensuring the reliability, scalability, and security of our systems to support our rapidly evolving business while adhering to industry best practices.
Responsibilities
Strategy & Planning
- Develop and communicate security strategies and plans to executive team, staff, partners, customers, and stakeholders.
- Participate as a member of the IT management team in governance processes of the organization’s security strategies.
- Lead strategic security planning to achieve business goals by prioritizing defense initiatives and coordinating the evaluation, deployment, and management of current and future security technologies using a risk-based assessment methodology.
- Develop a multi-year strategy and roadmap for IT to anticipate and scale to support all business initiatives across the company.
Anticipate and manage future technology debt challenges through partnership and raising awareness of technical dependencies.
- Align with Japan GHQ overall security strategy and roadmap and ensure coordination of implementations for the PAMA Region.
- Assist with the design and implementation of disaster recovery and business continuity plans, procedures, audits, and enhancements.
- Develop, implement, maintain, and oversee enforcement of policies, procedures, and associated plans for system security administration and user system access based on industry-standard best practices.
Acquisition & Deployment
Define and communicate corporate plans, procedures, policies, and standards for the organization for acquiring, implementing, and operating new security systems, equipment, software, and other technologies.
Operational Management
- Act as advocate and primary liaison for the company’s security vision via regular written and in-person communications with the company’s executives, department heads, and end users.
- Work closely with the IT department on corporate technology development to fully secure information, computer, network, and processing systems.
- Manage the administration of all computer security systems and their corresponding or associated software, including firewalls, intrusion detection systems, cryptography systems, and anti-virus software.
- Recommend and implement changes in security policies and practices in accordance with changes in local or federal law.
- Creatively and independently provide resolution to security problems in a cost-effective manner.
- Assess and communicate any and all security risks associated with any and all purchases or practices performed by the company.
- Collaborate with IT leader, privacy officer, and HR to establish and maintain a system for ensuring that security and privacy policies are met.
- Where necessary, supervise recruitment, development, retention, and organization of security staff in accordance with corporate budgetary objectives and personnel policies.
- Promote and oversee strategic security relationships between internal resources and external entities, including government, vendors, and partner organizations.
- Remain informed on trends and issues in the security industry, including current and emerging technologies and prices. Advise, counsel, and educate executive and management teams on their relative importance and financial impact.
- Participate and adhering to global CSIRT activities while leading the regional efforts for the same.
- Work on cyber insurance requirements of conducting Table Top exercises and keeping Incident response plans and related processes updated.
- Ensuring company IT meets JSox and TISAX requirements.
- Security awareness training for end users and implement security training exercises for the IT team
Position Requirements
Formal Education & Certification
- University degree in Computer Science or Business Administration.
- Master’s or PhD degree in one these fields or Information Security preferred.
- Certifications preferred : CISSP, GIAC Security Essentials Certification, GIAC Security Leadership Certification
Knowledge & Experience
- 15 years experience managing and / or directing an IT and / or security operation.
- 10+ years experience working in the Manufacturing industry.
- Proven experience in planning, organizing, and developing IT security and facility security system technologies.
- Experience in planning and executing security policies and standards development.
- Excellent knowledge of technology environments, including information security, building security, and defense solutions.
- Considerable knowledge of business theory, business processes, management, budgeting, and business office operations.
- Substantial exposure to data processing, hardware platforms, enterprise software applications, and outsourced systems, including cloud systems, ERP (preferably SAP), SaaS based applications, manufacturing shop floor systems.
- Good understanding of computer systems characteristics, features, and integration capabilities.
- Experience with systems design and development from business requirements analysis through to day-to-day management.
- Excellent understanding of project management principles.
- Superior understanding of the organization’s goals and objectives.
- Demonstrated ability to apply IT in solving security problems.
- In-depth knowledge of applicable laws and regulations as they relate to security.
- Proven leadership ability