What are the responsibilities and job description for the Cyber Security Manager position at Ground Effects Ltd.?
Full-Time
On-site
Sterling Heights, MI 48314, USA
Description
Job Summary
The Cybersecurity Manager will provide industry-leading security expertise and guidance to IXS Coatings. The candidate will be responsible for managing and advancing the existing cyber security program, understanding and proactively addressing the changing threat landscape, and expanding protection services as appropriate. This position is part of a team of IT professionals providing innovative technology solutions across the business. This role will work in conjunction with IT senior management to oversee the strategy and direction of the governance, risk, and compliance activities impacting Information Technology.
Key Responsibilities
Lead the overall cybersecurity program including technical solutions, training, security awareness initiatives and governance
- Maintains and amends the Corporate Information Security Policy
- Manages the 5-year cybersecurity and governance roadmaps
- Manages and maintains a company-wide global risk assessment
- Collects and presents security metrics on a regular basis to the senior executive team
- Acts as the cyber security point of contact for all audits, investigations, assessments, and related inquiries including IATF/ISO audits.
- Manages the company-wide Security Operations Centers (SOC), Network Operations Centers (NOC) and SIEM systems
- Develops and maintains the global incident response plan and related runbooks
- Maintains the Business Continuity and Disaster Recovery plan and program
Develop and manage cyber security governance, policies and procedures.
- Manage the 5-year cybersecurity and governance roadmaps
- Write, maintain and provide training on cybersecurity and governance policies and procedures including user acceptance, global information security and other policies.
- Maintain and facilitate the Incident Response Plan
- Ability to implement NIST governance model including PC and server hardening
- Knowledgeable with ISO27001 Standard and familiar with TISAX with the ability to achieve certification
Manage Cybersecurity and awareness training.
- Champions security awareness by leading the cybersecurity awareness training program, phishing testing and related metrics
- Provides regular user metrics regarding training, risk level and phishing testing
- Promotes Cybersecurity awareness through active campaigns and training
Experience with Cybersecurity tools, systems and implementation.
- Produces monthly metrics for security awareness, risk, patch levels and SIEM alerts
- Implement company policies and procedures related to IAM, data encryption, patch management, privileged access management
- Experienced in implementing a zero-trust model, vulnerability management, penetration testing, disaster recovery and business continuity testing and planning
- Experienced with Data Loss Protection, CrowdStrike,
- Experience with Governance, Risk, & Compliance (GRC) is preferred
Qualifications
- Education (minimum required): Bachelor’s Degree. Preferred: Cybersecurity or related field is highly preferred
- Experience (minimum required): 5 years of experience with cybersecurity related job functions. Preferred: Experience with SIEM systems, KnowBe4 and leading security awareness programs.
- Job-specific skills (minimum required): Excellent analytical and problem-solving skills
- Self-motivated with strong attention to detail
- Experienced with NIST and/or COBIT Cybersecurity framework and the ISO27001 Standard.
- Experience with the MS O365 suite and Microsoft security solutions
- Strong knowledge of and experience with SIEM systems (SEI preferred).
- Experienced with KnowBe4 along with SACP certification.
- Experience with cloud-based application security
- Understanding of Windows Domain and networking security principles
- Experience leading cyber security initiatives and projects. Preferred: Cybersecurity certifications including CISSP, CISM, CISA, CGEIT, SACP, and CCNA.
Working Conditions
The following working conditions are present or expected on a daily basis:
- Manufacturing/production floor environment with a presence on the production floor required for at least 50% of daily work time.
- Frequent exposure to industrial manufacturing, automotive vehicles, weather elements, chemicals and robotics.
- Personal protective equipment must be worn at all times on the production floor.
IMPORTANT NOTE
The organization reserves the right to change, amend or disuse this job description at any time. This document is intended to provide an overview of the required responsibilities and qualifications.