Job TitleDirector, Information Security Job #US19005 Requisition TypeRegular Function Information Technology State/ProvinceUnited States Remote CityMiddleton Region US Posting Start DateMay-23-2024 Division Information Spectrum Brands' global enabling functions, including Finance, Legal, IT, Human Resources, Supply Chain, and Commercial Operations, provide enterprise-wide strategy, structure, and common processes to deliver the knowledge and expertise that helps our businesses grow. Enabling functions may operate as a center-led global team, providing a central strategy, structure, and standards; or as business partner teams, with resources embedded within the businesses to deliver business unit-specific results.
Job Summary The Director, Information Security is responsible for implementing and running the global information security program. The Leader will identify, evaluate, and report on legal and regulatory, IT, and cybersecurity risk to information assets, while supporting and advancing business objectives.
The Director, Information Security establishes and maintains the information security program to ensure that information assets and associated technology, applications, systems, infrastructure, and processes are adequately protected globally in the digital environment and articulate the impact of cybersecurity on business and be able to communicate this to stakeholders.
Primary Duties & Responsibilities Develops an information security vision and strategy that is aligned to organizational priorities and enables and facilitates the organization's business objectives, and ensures senior stakeholder buy-in.Provides regular reporting on the status of the information security program to leadership.Develops, socializes, and coordinates approval and implementation of security policies.Ensures that information security requirements are included in contracts by liaising with vendor management, legal, and procurement teams.Directs the creation of an information security awareness training program for all system users and establishes metrics to measure the effectiveness of this security training program.Determines the information security approach and operating model.Manages the budget for the information security function.Works effectively with business units to facilitate information security risk assessments that empowers them to own and accept the level of risk they deem appropriate.Develops and maintains information security policies, standards, and guidelines.Facilitates a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitates appropriate resource allocation, and increases the maturity of the information security.Works with the global compliance, human resources, and legal teams to ensure that all information owned, collected, or controlled by or on behalf of the company is processed and stored in accordance with applicable laws and other global regulatory requirements.Ensures that security is embedded in the project delivery process by providing the appropriate information security policies, practices, and guidelines.Monitors the external threat environment for emerging threats and advises relevant stakeholders on the appropriate courses of action.Coordinates the development of implementation of the cyber incident response plan.Ensures and monitors productivity, regularly provides constructive feedback, coaching and training to staff.Works collaboratively with external partners and managed services providers to ensure technical services are achieved and per contractual agreements.Responsible for budgeting, forecast and accountable for cost.Manages partner relationships and expectations and provides oversight of services and deliverables.Team acts as escalation point to resolve various types of technical support incidents. Education and Experience Profile 15+ years of relevant experience working in and leading technical teams, including all aspects of major enterprise business systems and related technologies as well as experience in a management and leadership role providing functional support to cyber security systems.Experience working for a manufacturing, distribution, or consumer goods company.Demonstrated experience and success in senior leadership roles in risk management, information security, and IT or OT security.Degree in related field or equivalent work- or education-related experience.Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or other similar credentials.Experience successfully executing programs that meet the objectives of excellence in a dynamic business environment.Experience with contract and vendor negotiations. Required Skills Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists.Ability to effectively manage multiple global technological projects simultaneously while providing oversight, accountability and mentoring of the team members.Demonstrated ability to create positive and productive work environments while leading approximately 5+ team members.Experience with various cyber security methodologies, deployment, and operational best practices.Demonstrated experience establishing and maintaining effective working relationships with other business organizations; successful experience in working with diverse groups of people in a problem-solving environment.Demonstrated ability to forecast, plan and execute development in a consistent, predictable manner with high quality results.Ability to scope the level of effort required by technical staff to complete projects.Service orientation to solving problems and working collaboratively in a global environment.Poise and ability to act calmly and competently in high-pressure, high stress situations.High degree of initiative, dependability, and ability to work with little supervision while being resilient to change.High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity.Has good judgment, a sense of urgency and has demonstrated commitment to high standards of ethics, regulatory compliance, customer service and business integrity.A critical thinker, with strong problem-solving skills. Work Environment Working conditions are normal for an office environment.
The above information on this description has been designed to indicate the general nature and level of work performed by employees within this job/classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.
Spectrum Brands is an Equal Employment Opportunity/Affirmative Action employer.
