Vice President Cyber Security - Atlanta, United States - CRH

Description

Position Overview

We are seeking an experienced and dynamic professional to fill the position of Vice President Cyber Security for CRH Americas. As the VP of Cyber Security, you will provide strategic leadership and operational excellence in the delivery of a best practice cyber security operations and engineering program for the CRH Americas region. Reporting to the Group Global CISO, you will be responsible for delivering a security program across multiple security domains while operating in a federated model, collaborating closely with various divisions in the CRH Americas region to deliver a cyber program aligned to the wider CRH Americas IT strategy.

Key Responsibilities (Essential Duties and Functions)

1. Strategy Development and Implementation

• Collaborate with the Group Global CISO to define and execute a comprehensive cyber security strategy for the CRH Americas region, aligned with the organization's global security objectives and regional IT strategies.
• Identify security goals, priorities, and initiatives based on industry best practices, business requirements, and risk assessments.
• Develop regional security operations and engineering roadmaps, ensuring alignment with corporate policies, standards, and regulatory requirements.

2. Operational Excellence and Program Delivery

• Develop the CRH Americas Security Operations and Engineering function, providing a centralized shared service capability for the CRH Americas divisions aligned to the Group Information Security service/platform offerings – Incident Response, Threat Hunting, Security Monitoring, Vulnerability Assessments, Endpoint Detection & Response, Email Security & Web Content Filtering
• Develop and implement Security KPIs & KRIs aligned to industry best practices and Group Information Security standards, to measure continuous performance of the shared services offering.
• Define and implement security policies, procedures, and controls to ensure compliance with relevant regulations and industry standards.
• Support the delivery of Group Information Security projects and initiatives across the CRH Americas region.
• Drive operational excellence by monitoring and measuring the effectiveness of security controls, conducting regular assurance and assessments, and implementing continuous improvement initiatives.

3. Collaboration and Stakeholder Management

• Act as a trusted advisor and liaison between the Group Global CISO, CRH Americas CIOs, regional leadership, and various divisions in the CRH Americas region.
• Work in partnership with the Divisional Cyber functions, providing a suite of core operational and engineering shared services capabilities.
• Engage with business leaders, IT teams, and other stakeholders to understand their security requirements, provide guidance, and ensure alignment with the overall security strategy.
• Foster effective communication and collaboration channels to promote information sharing and consistent security practices across the regional divisions.
• Establish and maintain relationships with external partners, industry peers, and regulatory bodies to stay informed about emerging security threats, trends, and best practices.

4. Risk Management and Incident Response

• Oversee the identification, assessment, and management of security risks within the CRH Americas region, ensuring appropriate controls are in place to mitigate risks effectively.
• Working in collaboration with the Global Incident Response team develop and maintain the CRH Americas incident response and crisis management framework, including response plans, communication protocols, and post-incident reviews.
• Act as primary Lead and coordinate the response to security incidents at the Americas level, working closely with internal teams and external partners as necessary to minimize impact and ensure timely resolution.
• Provide guidance and support to the regional divisions in conducting security incident investigations, root cause analysis, and remediation activities.
• Provide guidance and support to the regional divisions on business continuity planning and cyber resilience activities.

Individual Competencies

• Drive Results - Consistently achieving objectives, even under tough circumstances, pushing self and others to accomplish goals.
• Be Resilient - Rebounding from setbacks and adversity when facing difficult situations.
• Collaborate - Building partnerships and working collaboratively with others to meet shared objectives.
• Make Quality Decisions - Making good and timely decisions that keep the organization moving forward.

Key Functional Competencies

• Proven experience of leading a significant security function in a global organization
• Significant experience in building lasting relationships with senior leaders, peers, functional and divisional teams
• Effective communication, negotiation and influencing skills, with the ability to build strong trusting relationships at all levels of the organization.
• Strong business acumen with demonstrable ability to see the big picture and offer solutions aligned to the wider CRH group and regional strategy.
• Proven ability to strategically plan, prioritize, and deliver in a fast-paced environment.
• Experience leading an organization through large scale technology transformation and change.
• Demonstrable experience in delivering complex multi-year portfolios and programs against timelines and budgets.

Qualifications

Education / Experience

• Bachelor's degree in computer science, information technology, or a related field. Advanced degree preferred.
• Extensive experience (15+ years) in information security management, preferably in a global manufacturing or related industry.
• Proven track record in developing and implementing information security strategies at a regional or global level.
• Strong knowledge of security frameworks, standards, and regulations (e.g., ISO 27001, NIST Cybersecurity Framework, GDPR, etc.).
• Experience operating in a federated operating model, coordinating security efforts across multiple divisions or business units.
• Excellent leadership, communication, and interpersonal skills to effectively collaborate with diverse stakeholders.
• Industry certifications such as CISSP, CISM, or CRISC are highly desirable.
• In-depth understanding of emerging security technologies, threat landscape, and industry best practices.
• Strong analytical and problem-solving abilities with a focus on operational excellence.

Work Requirements

• Must be 18 years in age or older.
• Must pass pre-employment drug screen and criminal background check.
• Strict adherence to safety requirements and procedures as outlined in the Employee Handbook
• Willingness to work independently within in a team environment and assist the team with other duties as required.
• Ability to work on a global team spanning many time-zones.
• Domestic and international travel approx. 20% will be necessary according to the demands of the role.
• The position may require work outside of normal business hours.

Physical Requirements

• The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.
• Able to communicate with others by telephone, Microsoft Teams, e-mail, and in-person.