Director, IT Security

Description

Key Responsibilities

• Develop and execute a comprehensive cybersecurity strategy for IT and OT systems, aligned with business objectives.
• Lead the security team, fostering a culture of accountability, collaboration, and continuous improvement.
• Align the security strategy with business objectives and ensure security policies, standards, and practices are embedded across the organization.
• Provide guidance and leadership on security best practices to senior management and the Board of Directors.
• Advise the CIO and senior leadership on security risks, trends, and mitigation strategies.
• Manage the cybersecurity budget, ensuring efficient allocation of resources.

• Ensure compliance with global regulations (e.g., GDPR, NIST, ISO 27001, CMMC) and industry standards.
• Oversee the development and enforcement of security policies, procedures, and controls.
• Lead the identification, assessment, and prioritization of security risks; recommend appropriate risk mitigation strategies.
• Manage third-party risks and ensure secure relationships with vendors and partners across the company’s entire vendor base and supply chain.
• Ensure that emerging cyber requirements including data sovereignty and residency are tracked in all countries in which the company operates and implement approaches that meet the requirements and business needs.
• Establish and enforce security policies, procedures, and governance frameworks that meet corporate and regulatory requirements.

• Protect IT assets (e.g., corporate networks, cloud systems, endpoints) and OT assets (e.g., SCADA, PLCs, IoT devices) from cyber threats.
• Implement and manage security tools, including firewalls, IDS/IPS, SIEM, and endpoint protection.
• Oversee incident response, including detection, containment, and recovery from security breaches.
• Oversee security operations, including monitoring, detection, and response to security threats and vulnerabilities.
• Specify, design, implement, and manage appropriate security technologies.
• Manage the company’s Security Operations Center (SOC).

• Monitor emerging cyber threats and vulnerabilities specific to manufacturing and OT environments.
• Lead investigations and post-incident reviews to strengthen defenses.
• Coordinate with external partners (e.g., MSSPs, law enforcement) during major incidents.
• Develop and maintain the organization’s incident response and disaster recovery plans.
• Lead the response to security incidents and breaches, ensuring the protection of critical systems and sensitive data.
• Manage the Cyber Incident Response team.

• Partner with IT, OT, and manufacturing teams to integrate security into system design and operations.
• Collaborate with legal, HR, and compliance teams to address data privacy and regulatory requirements.
• Collaborate with third-party vendors to ensure secure supply chain and contractor practice

• Develop and deliver cybersecurity training programs for employees and contractors.
• Promote a security-conscious culture across the organization.
• Develop and oversee security training programs to raise awareness among employees.

Skills, Knowledge and Expertise

• Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field.
• Relevant cybersecurity certifications.

• 15 years of experience in cybersecurity, with at least 5 years in a leadership role.
• Proven experience securing both IT and OT environments in a manufacturing or industrial setting.
• Track record of developing and implementing enterprise-wide security strategies.
• Experience in a multinational, manufacturing company operating in regulated industries.
• Proven track record in implementing and managing information security programs at a senior level.

• Deep knowledge of IT security technologies (e.g., firewalls, SIEM, EDR, IAM).
• Familiarity with OT security protocols and systems (e.g., SCADA, DCS, IEC 62443).
• Experience with cloud security (e.g., AWS, Azure).
• Strong knowledge of security frameworks such as NIST, CMMC and ISO 27001.
• Understanding of regulatory compliance requirements (e.g., CMMC, ITAR).
• Experience with security architecture, risk management, vulnerability management, and incident response.
• Excellent leadership, communication, and interpersonal skills.
• Ability to influence and work with executive teams and key stakeholders.
• Strong analytical and critical thinking skills, with a focus on cybersecurity trends and risk management.

• CISSP, CISM, CISA, CRISC, or equivalent

• Strong leadership and team-building capabilities.
• Excellent communication skills, with the ability to present complex technical concepts to non-technical stakeholders.
• Strategic thinker with a proactive, problem-solving mindset.

• Ability to travel internationally as needed.
• Experience working in a multinational environment is a plus.
• Only US Citizens or Permanent Residents need to apply.

Pay Parency and Benefits

• Medical, dental and vision
• Health Savings Account (HSA) / Flexible Spending Accounts (FSA)
• 401K plan with a company match - 100% match on the first 5% you contribute
• Short- and Long-term disability coverage
• Life Insurance and AD&D - 100% paid by employer
• Employee Assistance Program (EAP)

About Knowles Corporation