- Facilitates a cyber security governance structure through a governance program, including the corporate cybersecurity steering committee.
- Responsible for regular reporting on the current status of the cyber security program to enterprise risk teams, senior business leaders and the board of directors as part of a strategic enterprise risk management program, thus supporting business outcomes.
- Develops, socializes and coordinates approval and implementation of security policies
- Works with the vendor management office to ensure that cyber security requirements are included in contracts by liaising with vendor management and procurement organizations
- Directs the creation of a targeted cyber security awareness training program for all employees, contractors and approved system users, and establishes metrics to measure the effectiveness of this security training program for the different audiences
- Understands and interacts with related disciplines, either directly or through committees, to ensure the consistent application of policies and standards across all technology projects, systems and services, including privacy, risk management, compliance and business continuity management.
- Provides clear risk mitigating directives for projects with components in IT, including the mandatory application of controls.
- Embeds Cyber Judgement across a decentralized or distributed decision making model
- Leads the security champion program to mobilize employees in all locations
- Leads the cyber security function across the company to ensure consistent and high-quality cyber security management in support of the business goals.
- Determines the cyber security approach and operating model in consultation with stakeholders and aligned with the risk management approach and compliance monitoring of non-digital risk areas.
- Manages the budget for the cyber security function, monitoring and reporting discrepancies
- Manages the cost-efficient cyber security organization, consisting of direct reports and dotted line reports (such as individuals in business continuity and IT operations). This includes hiring (and conducting background checks), training, staff development, performance management and annual performance reviews.
- Develops a cyber security vision and strategy that is aligned to organizational priorities and enables and facilitates the organization's business objectives, and ensures senior stakeholder buy-in and mandate
- Develops, implements and monitors a strategic, comprehensive cyber security program to ensure appropriate levels of confidentiality, integrity, availability, safety, privacy and recovery of information assets owned, controlled or/and processed by the organization.
- Develops and enhances an up-to-date cyber security management framework based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework.
- Creates and manages a unified and flexible, risk-based control framework to integrate and normalize the wide variety and ever-changing requirements resulting from global laws, standards and regulations
- Develops and maintains a document framework of continuously up-to-date cyber security policies, standards and guidelines. Oversees the approval and publication of these cyber security policies and practices
- Facilitates a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitates appropriate resource allocation, and increases the maturity of the information security, and reviews it with stakeholders at the executive level
- Creates the necessary internal networks among the cyber security team and line-of-business executives, corporate compliance, audit, physical security, legal and HR management teams to ensure alignment as required
- Builds and nurtures external networks consisting of industry peers, ecosystem partners, vendors and other relevant parties to address common trends, findings, incidents and cybersecurity risks
- Liaises with external agencies, such as law enforcement and other advisory bodies, as necessary, to ensure that the organization maintains a strong security posture and is kept well-abreast of the relevant threats identified by these agencies
- Liaises with the enterprise architecture team to build alignment between the security and enterprise (reference) architectures, thus ensuring that cyber security requirements are implicit in these architectures and security is built in by design
- Creates a risk-based process for the assessment and mitigation of any cyber security risk in the ecosystem consisting of supply chain partners, vendors, consumers and any other third parties
- Works with the compliance staff to ensure that all information owned, collected or controlled by or on behalf of the company is processed and stored in accordance with applicable laws and other global regulatory requirements, such as data privacy
- Defines and facilitates the processes for cyber security risk and for legal and regulatory assessments, including the reporting and oversight of treatment efforts to address negative findings
- Ensures that security is embedded in the project delivery process by providing the appropriate cyber security policies, practices and guidelines
- Manages and contains cyber security incidents and events to protect corporate IT assets, intellectual property, regulated data and the company's reputation
- Monitors the external threat environment for emerging threats, and advises relevant stakeholders on the appropriate courses of action
- Develops and oversees effective disaster recovery policies and standards to align with the enterprise business continuity and disaster recovery programs, with the realization that components supporting primary business processes may be outside the corporate perimeter
- Coordinates the development of implementation of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event
- Facilitates and supports the development of asset inventories, including information assets in cloud services and in other parties in the organization's ecosystem
- Demonstrated experience and success in senior leadership roles in risk management, information security, and IT or OT security
- Degree in business administration or a technology-related field, or equivalent work- or education-related experience
- Certified Information Systems Security Professional (CISSP), Certified Cyber security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or other similar credentials
- Experience successfully executing programs that meet the objectives of excellence in a dynamic business environment
- Experience with contract and vendor negotiations
- Knowledge and understanding of relevant legal and regulatory requirements
- Knowledge of common cyber security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including and Cybersecurity Framework
- Sound knowledge of business management and a working knowledge of cyber security risk management and cybersecurity technologies
-
Manager of Cyber Security
5 days ago
Alined Consulting Group Oak Brook, United StatesQualifications · • · Minimum of 5 years of experience in cybersecurity leadership roles, preferably in higher education or a similarly complex environment · • · Proven track record of developing and implementing cybersecurity programs, policies, and procedures · • · Demonstrated ...
-
Cyber Security Analyst
6 hours ago
Sentinel Offender Services Downers Grove, United StatesResponsibilities: · Sentinel is seeking an experienced Cyber Security Analyst, responsible for planning and implementing security measures to protect computer systems, networks, and data to join our award winning team. This person will monitor network traffic to act as a first r ...
-
Cyber Security Engineer
3 weeks ago
NovaWorks Solutions Willis, United StatesAbout the Company · Cogitron - Mind for Systems As a consulting firm with technical roots, we help our clients design their products safely and outstandingly in the context of diverse consulting projects. Sometimes we are helpers, sometimes coordinators, and sometimes auditors. · ...
-
Cyber Security Analyst
3 weeks ago
Northern Trust Corporation Naperville, United States Full timeDescription · : As part of Northern Trust's security operations center, a tier one security analyst will conduct security monitoring, security incident identification, incident prioritization, incident escalation and directed response support functions.Tier one analyst will play ...
-
Cyber Security Technical Writer
1 week ago
GEM Technologies Inc. Oak Ridge, United States Full time, RegularGEM Technologies, Inc. (GEM) is seeking a Cyber Security Technical Writer to join our team. This position is full-time and will serve the Y-12 National Security Complex in Oak Ridge, TN. · Clearance Level Required: · Uncleared - Must be able to obtain and maintain a Clearance · ...
-
Cyber Security Vulnerability Analyst
3 days ago
Oak Ridge National Laboratory Oak Ridge, United StatesRequisition Id 13107 · Due to the security clearance requirements of this position, we are unable to consider EAD and Green Card holders. Additionally, Visa sponsorship of any kind is unavailable for this position (H1B, F1, OPT, H4, J1, etc.). · Overview: · We are hiring a Cyb ...
-
Cyber Security Engineer
1 week ago
Atlantic Partners Corporation Chicago, United StatesAn Asset Management firm is seeking a SR. Cyber Security Engineer . This role will focus on planning, designing and executing security-related projects, processes and procedures in a Microsoft-oriented environment. Areas of focus for this position will include managing the Micros ...
-
Cyber Security Engineer
5 days ago
Hirewell Chicago, United StatesSenior Cybersecurity Engineer (Vice President) · Come work with our client · Department Overview · The Technology Solutions Department is responsible for designing and delivering state-of-the-art technology solutions that are designed to create efficiency, mitigate risk, and gro ...
-
Cyber Security Analyst
1 day ago
Sentinel Downers Grove, United States**Responsibilities**: · Qualifications: · - 3-5 years' experience in a security related position · - Certifications preferred: Security+, GCIA, Certified Ethical Hacker, and/or CISSP · - Experience performing daily system monitoring and health checks for various security products ...
-
Cyber Security Engineer
5 days ago
Vastika Inc Chicago, United StatesSplunk SOAR Developer · 12 months contract · Primary Locations: Chicago IL / Denver CO · Secondary Locations: Charlotte NC / Addison TX · Note from Manager: · -Splunk SOAR Development experience · Candidates need involved experience with SOAR. Splunk experience by itself will not ...
-
Cyber Security Solution Architect
3 weeks ago
Insight Global Oak Ridge, United StatesDay to Day · Designs and implements innovative solutions to address business requirements. Leads multiple complex and high-priority projects. Analyzes existing systems and dependencies to provide input on process improvement and system infrastructure. · Specific Deliverables -- · ...
-
Cyber Security Analyst
1 week ago
The Judge Group Chicago, United States· SALARY · $90,000 - $105,000 · POSITION SUMMARY · Under general supervision, the Cyber Security Analyst (CSA) is responsible for assisting with day-to-day cyber security administration and operations. Reporting to the Head of Cyber Security, the CSA is tasked with providing ...
-
Cyber Security Analyst
5 days ago
Chicago Transit Authority Chicago, United StatesSALARY · $90,000 - $105,000 · POSITION SUMMARY · Under general supervision, the Cyber Security Analyst (CSA) is responsible for assisting with day-to-day cyber security administration and operations. Reporting to the Head of Cyber Security, the CSA is tasked with providing tec ...
-
Lecturer, Cyber Security
5 hours ago
Roosevelt University Chicago, United States Faculty Jobs ,Job Summary: Roosevelt University's Department of Computer Science, Information Technology, and Data Science seeks a non-tenure-track lecturer to begin August 2019. This faculty member will teach courses in the cyber and information security programs and in the computer science c ...
-
Cyber Security Team Lead
3 weeks ago
Sentinel Offender Services Downers Grove, United StatesResponsibilities: · The Cyber Security Team Lead is responsible for day-to-day operational assistance of the security operations team. Primary duties include assistance with case load balancing, acting as an escalation point for operational and technical questions, delivering on ...
-
Cyber Security Professional
2 days ago
Coilcraft Cary, United StatesJob Description · Job DescriptionCyber Security Professional · Coilcraft is a successful, privately-held company in Cary, IL with a worldwide reputation for high-quality passive electronic components. Coilcraft operates in various industries, including telecommunications, comput ...
-
Cyber Security Policy Officer
1 day ago
ITR Oak Ridge, United StatesJob Description · Job DescriptionEast Tennessee Facility is seeking a Cyber Security Privacy Officer to join their growing team. This is an onsite contact position that can go as long at 18+ months. Ideal candidates must be able to obtain a federal security clearance. No Corp-to ...
-
Cyber Security Lecturer
2 weeks ago
Inside Higher Ed Chicago, United StatesJob Summary: We are seeking a Cyber Security Lecturer to teach undergraduate and graduate courses in computer science with an emphasis on cyber and information security programs. You will hold office hours, conduct course assessments, advise, participate in recruitment events, co ...
-
Cyber Security Risk Analyst
1 week ago
Hirewell Chicago, United StatesJoin our innovative team at a pioneering industry leader revolutionizing the way we build We celebrate diversity, championing it as a driving force for excellence in all our endeavors. As an equal opportunity employer, we're proud to foster an environment where every voice is val ...
-
Cyber Security Professional
5 days ago
Coilcraft Cary, United StatesCyber Security Professional · Coilcraft is a successful, privately-held company in Cary, IL with a worldwide reputation for high-quality passive electronic components. Coilcraft operates in various industries, including telecommunications, computers, automotive, broadband commun ...
Sr. Director, Cyber Security - Oak Brook, United States - TreeHouse Foods
![Default job background](https://contents.bebee.com/public/img/bg-user-ex-1.jpg)
Description
About Us:
TreeHouse Foods (NYSE: THS) is a leading manufacturer of private label packaged foods and beverages, operating a network of production facilities across the United States and Canada. At TreeHouse Foods, our commitment to excellence extends beyond our products and revolves around our people. We are investing in talent and creating a performance-based culture where employees can do their best work, directly impacting our mission to make high quality, affordable food for our customers, communities and families. We hope you will consider joining the team and being part of our future.
About the Role:
The Senior Director, Cyber security will be responsible for implementing and running the enterprise cyber security program. That will involve identifying, evaluating, and reporting on cybersecurity risk to information assets, while supporting and advancing business objectives.
Ultimately, the Senior Director, Cyber security is a business leader, and should have a track record of competency in the field of cyber security and/or risk management, with seven to 10 years of relevant experience, including five years in a significant leadership role. You'll add value to this role by performing various functions including, but not limited to:
Establish Governance and Build Knowledge
Lead the Organization
Set the Strategy
Develop the Frameworks
Build the Network and Communicate the Vision
Operate the Function
Important Details: This is a hybrid position.
You'll fit right in if you have:
Desired, but not required:
Technical and Business Experience