Group Manager, IT/Security

Panasonic Group Manager, IT Security

about how Panasonic is creating a better life, a better world.

to see how our employees are shaping the technologies that move us. What You'll Get To Do : The Group Manager of IT Security Operations will lead and build a high impact security operations team focused on protecting PNA sites and assets.

This role will research industry trends, introduce and transition new technology into the. IT Security Architect

• Create solutions to close security gaps, and provide internal consulting services to Panasonic sales companies and manufacturing divisions as subject matter expert.
• Gain a thorough understanding of IT Security landscape and issues in the Americas region and represent the Americas region to Panasonic HQ as IT Security leader.
• Recommend and design upgrades and enhancements to IT infrastructure to achieve higher levels of information security and data protection.
• Recommend and design security enhancements to IT Applications and assist application teams in implementing these enhancements.
• Assist in the development of new security operations processes, refinement / improvement of existing processes.
• Provide input to existing use cases and lead design of new use cases.
• Develop and prepare the required security control documents or artifacts, and conduct security control assessments, and security test and evaluation.

IT Security Operations

• Manage 3-5 Security Analysts to support PISCA Cybersecurity team.
• Review and approve IT Security requests from vendors, users, and business partners.
• Provide approvals and advice to the Operations group for IT Security related issues and requests.
• Manage team that performs all network and web vulnerability scan activities.
• Manage the Panasonic PCI compliance requirement for E-Commerce activities.
• Work with IT Business Partners to ensure Panasonic business IT Security concerns are mitigated.
• Propose and manage local and regional IT Security projects.
• Manage large global IT Security projects as proposed by Panasonic HQ.
• Manage team that assist with IT Infrastructure projects, especially in areas of IT Security.
• Coordinate Security aspects of global infrastructure and application projects in the Americas region.
• Strong experience investigating enterprise cyber security incidents, threats and vulnerabilities.
• Ability to read and understand system data, including, but not limited to, security event logs, system logs, and firewall logs.
• Perform the necessary efforts to analyze, assess, evaluate, integrate, improve, implement, test, sustain, and maintain the PNA cybersecurity posture.
• Perform necessary cyber domain activities to ensure the PNA standards are maintained.
• Develop and document security design artifacts and associated security controls that are meeting the security acceptance criteria and package the accreditation and authorization documents in support of each domain Certification and Accreditation process.
• Prepare and document the risk mitigations and maintain and update the Plan of Action and Milestones POA M .
• Perform technical vulnerability scanning and secure configuration assessments, penetration testing and analyze the scan results, recommend the plans of action, and update the POA M accordingly.
• Analyze and define security requirement information protection for enterprise systems and networks.
• Assist in the development of security policies.
• Analyze the sensitivity of information and performs vulnerability and risk assessments based on defined sensitivity and information flow.

Compliance and Change Control

• Oversee Compliance and change management internal and external resources
• Manage the change control process focusing on risk management, business impact
• Assist IT Compliance in ensuring that all vendor contracts appropriately enforce Panasonic information security requirements.
• Work closely with IT Compliance and procurement in RFI or RFP process to ensure IT Security requirements are integrated into future vendor contracts.
• Work with Legal Department as necessary to provide SME support in review of IT contracts.
• Supports Assessment and Authorization A A or other RMF and cybersecurity Compliance and Auditing processes and inspections for
• Perform compliance reviews of computer security plans, performs risk assessments, and validates and performs security test evaluations and audits.

all enterprise systems and networks and ensures validity, accuracy review of all associated documentation.

• Develop and manage governance process for IS compliance, manage compliance documentation
• Ensure compliance with SOX, CISPG and IS management standards internal audits IS
• Validate management controls for access to applications and infrastructure or data governance security
• Support internal, external and CISPG audit processes
• Measure compliance process effectiveness through KPIs, streamline controls management through automation and elimination of redundant documentation and processes
• North America Compliance Representative for Global Controls
• Define and align CISC-AM policies or procedures with IS Global controls
• Manage the resolution and escalation process for compliance issues

Security policies

• Create technical security procedures documentation as well as security policies covering all aspects of IT Security.
• Design security role matrices for critical systems covering operating system, databases, and applications.
• Work closely with IT Compliance to ensure that security policies are adhered to by internal and external parties.
• Work closely with Risk Management in the areas of IT Security.
• Review project and vendor security policies to determine if adequate information security protection is offered.

Cloud SaaS Security

• Work closely with Panasonic HQ to complete detailed surveys of Cloud vendors and perform Risk Assessment of Cloud vendors.
• Work closely with Panasonic HQ in completion of security reviews of Internet based services.
• Represent the AM region to Global Security teams in Global Cloud solution initiatives
• Assist IT Compliance with SaaS related compliance requirements
• Assist Panasonic business units with assessment of Cloud security requirements
• Establish processes for future reviews of security profiles of Cloud vendors.

SOX IT Security controls

• Be responsible for the SOX ITGC Security Controls
• Own the IT Security processes associated with these controls
• Perform monthly testing of SOX IT Security controls
• Work closely with IT Compliance and Audit Department during SOX audit
• Report SOX testing results to all levels of management including CIO
• Design and propose improvements to testing and audit processes
• Design and propose improvements to Application Security processes critical to SOX

What You'll Bring : Basic Qualifications

• IT Security subject matter expert for a regional IT organization and internal consultant and champion of IT Security related matters.
• Experience managing / leading an IT team.

Education and Experience

• Undergraduate degree in IS or related field desired.
• Security certifications are a plus.
• Minimum of 10 yrs. in technical IT Architecture and understanding of interaction between various IT Systems.
• Broad familiarity with logical security of applications, roles and access separation, access control and monitoring, and separation of duties.
• Experience with security audits, perimeter scanning, security incident investigations.
• General familiarity with IT Infrastructure such as network, DMZ, servers, virtualization, Citrix, web servers, applications, firewalls, databases, and application logical access.
• Managing small IT Infrastructure and security projects, investigating security incidents, prioritizing security exposures, writing security policies.

Knowledge of Personal Information Protection policies and identification of associated policies.

• Knowledge of IT Security policies, procedures and standardization of security practices.
• Familiar with security services such as encryption, authentication, and intrusion detection.
• Knowledge of information security controls and their application.

Competencies

• Out of the box thinking in order to troubleshoot a variety of security issues, including coming up with creative solutions to solve security issues with optimal resources.
• Ability to define risks, establish requirements, and design solutions to remediate.

Communications

• The ability to communicate security issues, considerations, and ROI on security activities to IT management and recommend improvements in systems, processes, and IT Security Architecture.
• Excellent written and verbal communication skills.

Other Requirements

Working conditions, physical requirements, travel, etc. 0-10%

What We Offer :

• Competitive compensation package
• Comprehensive benefits
• Pet Insurance
• Paid Parental Care Leave
• Employee Referral Program
• Educational Assistance
• Flexible Work Program
• Volunteer time Off
• Casual Dress Code
• Total Well Being Program
30+ days ago