Cyber Security Manager

Company: Minerals Technologies
Location: Bethlehem
Posted on: January 24, 2023

Job Description:

Overview:Minerals Technologies Inc. (MTI) is a resource- and technology-based company that develops, produces and markets worldwide a broad range of specialty mineral, mineral-based and synthetic mineral products and related systems and services. The Company has three reportable segments: Specialty Minerals, Performance Materials and Refractories. MTI provides a business environment and promotes a culture that encourages all employees to contribute to our success. We have long been committed to the recruitment and advancement of the most talented and qualified people. We recognize that MTI's ability to provide the highest caliber of products and services is enhanced by a workforce that reflects the diversity of the communities and countries in which we work.Corporate functions, known internally as Resource Unites, include Corporate Communications, Finance, Global Business Services Human Resources, Information Technology, Legal, and Supply Chain. Resource Units help drive the Business Unit's strategic goals by supporting our global, and rapidly growing, workforce of over 3,500 employees.What We Offer:Competitive pay, commensurate with experienceHealth/Dental/Vision plans401k company matchLife InsuranceShort Term Disability & Long-Term DisabilityEducational AssistanceEmployee Assistance PlanPosition: Cybersecurity ManagerLocation: USA Bethlehem, PennsylvaniaThe MTI Cybersecurity Manager is responsible for the enterprise-wide information security policy, information security strategy, information security architecture, information security operations, and information security risk management. Oversees and coordinates security initiatives working with executive, business and functional leaders and staff including human resources, audit and compliance, corporate and financial investigations, legal, physical security, systems operations and systems development.This role will provide vision and leadership necessary to manage risk to the organization to ensure business alignment, effective governance, operational efficiency and performance monitoring and measurement. The position will make recommendations for executive level actions through both informal and formal means, including but not limited to executive level metrics, dashboards, risk analysis and mitigation, acceptance and reporting. This role will implement programs and processes to comply with national, local, and global information security and privacy regulations.This role will lead IT Risk Assessments to identify key corporate security vulnerabilities that affect the confidentiality, integrity and availability of company confidential data and provides support to systems owners to address and implement solutions to identified security and risk issues. The role will support security and privacy audits and develops a mitigation strategy for the issues discovered. Finally, the position will prioritize the protection of valuable information and maintain the confidentiality and integrity of company and customer data through implementation of various security programs and technology platforms.Responsibilities:Position Details:Keeps abreast of industry trends and current emerging risksDevelop and maintain Cyber Security MTI specific program in accordance with leading standards i.e NIST, CSF and ISO.Lead assessments of current security technology and authentication systems and evaluate against Federal and State Information Protection and Privacy regulations, MTI Information Security Policies, and other relevant regulations pertaining to the protection of Enterprise Information assets with respect to information security.Develop and advance MTI information security policies, standards and procedures in conjunction with the application and technology teams responsible for the day to day systems configuration and operation.Lead the assessment and review of new and existing technology infrastructure to identify key risk areas, and ensure adequate levels of control are in place to address those risks and develop risk mitigation techniques and processes to ensure that all reviews as actionable by system manager and the operations staff.Lead the consultative process and advise personnel in IT departments to coordinate information security activities.Support Information Security Officer in Information Security activities as needed.Develop and lead activities supporting the IT Risk Management process such as data classification and security controls maintenance.Lead Collaborative programs with personnel in IT and all business units to ensure that electronic data security is consistently implemented throughout the Enterprise.Update skills as necessary to support MTI Information Security and remain knowledgeable of industry standards and advancements.Assist with the design and administration of Cyber Security Awareness Training, including reporting.Assist with the coordination and remediation of found vulnerabilities.Develop presentations and other materials to communicate Cyber Security initiatives to all staff, senior management.OE/LeanActively participate in the implementation of sustainable improvement processes, such as 5S, Kaizen, Daily Management Control, Standard Work and Problem Solving.Qualifications:Experience:Should have clear understanding of all domains on information security and as per ISO27001 guidelines (globally accepted framework) and have relevant experience in auditing information systems from a technology and physical security perspective.Should have detailed understanding on below technologies.Network Devices (Fortinet Firewall - Hands-on Mandatory )Anti-Malware solutions (McAfee preferred)Intrusion Prevention SystemsWeb Content filtering solutions (Umbrella preferred)DLP Technologies - Host, Email, WebWeb Application FirewallsSIEM (Security Information and Event Management) Solution (IBM QRadar preferred)Certifications (Desirable)CISA (Certified Information Security Auditor) ORCISM (Certified Information Security Manager) ORCertified Information Systems Security Professional (CISSP)CompTIA Security+Knowledge of Cyber Security Framework for e.g. NIST, CSF would be desirable. Minimum of 7+ years of experience in information services with 5 years of demonstrable and progressive experience operating within Information Security domains. Require in-depth understanding of Information Security practices for network, servers, databases, applications, and advanced use of Information Security assessment techniques.Education:Bachelor's Degree is required. Concentration in computer science with emphasis on IT security preferred.Knowledge, Skills & Abilities: Incumbent must have a well-developed business understanding, working knowledge of customer requirements and demonstrate a balance between analytical and creative thinking. Incumbent must also be a self-starter who seeks responsibility and is able to work with minimal direction. Incumbent must have demonstrated a willingness to challenge conventional ideas, be flexible, innovative, and be able to function effectively in a team environment and possess superior analytical and problem-solving skills. Incumbent must be proficient in personal computers and related databases. Computer skills required include knowledge of spreadsheets, database and word processing software on PC based systems. Incumbent must possess excellent organizational and communication skills. Incumbent must possess strong interpersonal skills and have the ability to communicate.While performing the duties of this job, an employee is typically required to have the ability to coordinate movements, regularly stand, walk, bend, squat, climb, reach, crouch, and kneel during a work shift, have manual dexterity, select and use appropriate equipment/tools to accomplish job duties, read, write, listen, speak and understand English, follow all instructions and other oral/written information, visually inspect equipment/work area, complete paperwork and other documentation accurately, identify, analyze, troubleshoot and solve issues using judgment, react quickly as needed, be organized and detail oriented, be able to identify/judge the urgency of a situation, use judgment in decision making, make decisions in a timely manner, manage multiple priorities, communicate effectively with others, be aware of oneself in relation to surrounding equipment, and work independently. Ability to instruct/transfer job information/knowledge to others is preferred.The employee is expected to be self-directed, take initiative and be persistent when appropriate to accomplish necessary duties and keep busy without prompting. Additionally, the employee is expected to be adaptable/flexible to changing work assignments, have a high level of integrity, dependability, and self-control to maintain composure, perform multiple tasks at once, learn and memorize procedures, manage time effectively and efficiently, meet established deadlines, display a cooperative demeanor, read, understand, and follow all company, job specific and safety policies/procedures, and attend/use all required training.Travel: Travel to other work sites may occurIND123

Keywords: Minerals Technologies, Bethlehem , Cyber Security Manager, Executive , Bethlehem, Pennsylvania