What are the responsibilities and job description for the Information Security Manager position at SMC Corporation of America - US SMC Pneumatics,...?
PURPOSE
- The Manager, GISO (Global Information Security Operations) is responsible for SMC Group Companies’ security programs, which may include: Endpoint Security, Identity & Access Management, Network & Application Security, Threat & Vulnerability Management, Security Strategy, Automation and Engineering, Cybersecurity Awareness, and Security Event Management & Response. This position is accountable for the ongoing management, risk-based design, implementation, and maturity of the security program across the enterprise required to protect the organization from adversaries (Threat Actors and Hackers). This role actively engages third-party vendors, partners, and stakeholders to design, manage, and mitigate cybersecurity risks and threats. The role is responsible for responding to data breaches and security events, engaging SMC stakeholders, and providing executive-level updates and briefs.
- Assist in the design of the cybersecurity and risk management multi-year strategy.
- Establish security risk management framework, assessments, and controls using industry recognized frameworks.
- Communicate strategy to all stakeholders.
- Assist in the management of the global security incident response activities in a 24x7x365 environment.
- Oversee and approve written artifacts, security advisories, and communications produced by the team.
- Supervise the development and operation of internal controls to assess risks, and work to improve any deficiencies. Establish standard operating practices based on the assigned frameworks to drive a security-first mindset across application development, infrastructure, and business operations.
- Establish program controls, processes, and support strategy in partnership with the office of the CIO (Global IT Administration).
- Assist in the development of yearly departmental budget and spending schedule based on financial policy; manage to budget
- Assist finance team in developing cost sharing allocation for global security toolsets
- Review and approve financial requests and invoices as required.
- Evaluate, implement, and maintain appropriate cybersecurity and risk management toolsets to support the organization’s global risk posture.
- Prepare, submit, and manage requests for spending approval to executive leadership in the US and Japan.
- Perform vendor management administrative duties for new and existing partners
- Implement and maintain annual security awareness training program
- All other duties as assigned
- Hire, coach, mentor and develop numerous direct and indirect reports to meet specific objectives as derived by the SMC business mission, values, and principles.
- Perform annual salary and performance reviews
- Perform managerial administrative duties as required.
- Collaborative team environment in a shared workspace
- General office, computer room, warehouse, and factory areas
- Carry mobile phone during work and off-hours
- Off-hours work and travel as required
- Sitting for long periods
- Minimum lifting requirements of 15 pounds
- Knowledge of the latest versions of the various cybersecurity frameworks – NIST CSF, GDPR, CIS, and others
- (highly recommended)
- Experience in risk assessment, control design, and reporting
- 10 years of experience in information technology, information security, and/or operational support
- 5 years of IT leadership experience in an enterprise environment
- Experience in executive presentation and strategy development
- Excellent interpersonal communication skills
- Bachelor’s degree in Information Technology or relevant work experience
- 5 years of experience in information technology, information security, and operational support
- 5 years of IT leadership experience
- Maintain a high level of integrity, composure, and confidentiality
- Excellent interpersonal communication skills