Vice President & CISO overseeing the global Information Security program at a manufacturing company. Leading strategy, governance, and management across U.S., Germany, and India teams.
Responsibilities
Develop and execute the global information security strategy aligned to business objectives and risk appetite.
Provide quarterly cybersecurity updates to the Audit Committee and Executive Management Team.
Establish security governance, policies, and standards consistent with leading frameworks (NIST CSF, ISO 27001, CIS).
Oversee enterprise risk assessments and maintain a risk-based roadmap for continuous improvement.
Lead the design, implementation, and management of all security technologies and controls including endpoint protection, identity & access management, SIEM/SOC operations, cloud security, vulnerability management, and network security.
Ensure proactive monitoring, rapid detection, and response to security incidents across global operations.
Oversee business continuity and disaster recovery security components in partnership with Infrastructure and Applications teams.
Embed security-by-design into IT and business projects, including cloud, ERP, operational technology (OT), and Industry 4.0 initiatives.
Conduct architectural reviews and threat modeling for new technologies and digital transformation efforts.
Partner closely with Legal to ensure compliance with global data privacy laws, including GDPR, CCPA, and emerging regulations.
Oversee data protection practices, records retention security considerations, and reporting obligations related to data privacy incidents.
Lead the global third-party risk management program, including supplier assessments and ongoing monitoring.
Respond to and manage customer security inquiries, audits, and contractual security requirements.
Drive vendor governance for security tools, MSSP partnerships, and other outsourced services.
Lead a global Information Security team of 12 across the U.S., Germany, and India.
Manage a $3M annual operating budget, ensuring cost-effective investments in technology, services, and capabilities.
Mentor, develop, and scale the team to support global manufacturing operations and business growth.
Requirements
10+ years of progressive experience in Information Security leadership roles.
Minimum 3 years as a CISO or a deputy/second-in-command security leader in a larger enterprise.
Deep expertise in security operations, architecture, governance, risk, compliance, and incident response.
Strong working knowledge of NIST CSF, ISO 27001, CIS Controls, and modern cybersecurity technologies.
Experience in global environments and working with distributed teams.
Demonstrated ability to present complex cybersecurity topics to Audit Committees and senior executives.
IT Security Manager providing operational leadership for ICBC’s IT security program. Enhancing cyber security practices and managing security initiatives in a dynamic, hybrid cloud environment.
Security Officer ensuring safety and security of Yankee Candle assets and personnel. Responsibilities include monitoring, patrols, incident response, and safety training at the corporate campus.
Senior Specialist in Information Security Governance, Risk & Compliance at Cellulant, driving information security, privacy, and compliance standards within BFSI context.
Cloud Security & Application Security Engineer at Cellulant enhancing security across cloud-native platforms and applications. Working in a hybrid role to support a leading payment service provider in Africa.
IT Audit Consultant joining Baker Tilly to manage technology risks for clients, offering strategic advice and audit support. Engaging with client executives to ensure compliance and operational efficacy.
Senior Health and Safety Advisor overseeing health and safety on construction projects for Aecon. Ensuring compliance with SST legislation and promoting zero accident culture.
Experienced Information Security Officer at Daikin responsible for defining Information Security strategy and ensuring compliance with regulatory frameworks. Collaborating with external specialists and mentoring junior team members in EMEA.
Senior Information Security Specialist executing Daikin Europe’s Information Security strategy. Collaborating with leadership to ensure our systems and services remain secure and compliant with regulations.
Information System Security Officer ensuring security controls and risk mitigation in Aerospace. Collaborating with teams to assess threat landscapes and guide clients with actionable plans.
Cyber Security Architect at Booz Allen supporting program management of a cybersecurity tools suite and Zero Trust Architecture roadmap. Leading technical efforts in modern security practices and team collaboration.