Cyber Security Manager
Company: Minerals Technologies
Location: Bethlehem
Posted on: January 24, 2023
|
|
Job Description:
Overview:Minerals Technologies Inc. (MTI) is a resource- and
technology-based company that develops, produces and markets
worldwide a broad range of specialty mineral, mineral-based and
synthetic mineral products and related systems and services. The
Company has three reportable segments: Specialty Minerals,
Performance Materials and Refractories. MTI provides a business
environment and promotes a culture that encourages all employees to
contribute to our success. We have long been committed to the
recruitment and advancement of the most talented and qualified
people. We recognize that MTI's ability to provide the highest
caliber of products and services is enhanced by a workforce that
reflects the diversity of the communities and countries in which we
work.Corporate functions, known internally as Resource Unites,
include Corporate Communications, Finance, Global Business Services
Human Resources, Information Technology, Legal, and Supply Chain.
Resource Units help drive the Business Unit's strategic goals by
supporting our global, and rapidly growing, workforce of over 3,500
employees.What We Offer:Competitive pay, commensurate with
experienceHealth/Dental/Vision plans401k company matchLife
InsuranceShort Term Disability & Long-Term DisabilityEducational
AssistanceEmployee Assistance PlanPosition: Cybersecurity
ManagerLocation: USA Bethlehem, PennsylvaniaThe MTI Cybersecurity
Manager is responsible for the enterprise-wide information security
policy, information security strategy, information security
architecture, information security operations, and information
security risk management. Oversees and coordinates security
initiatives working with executive, business and functional leaders
and staff including human resources, audit and compliance,
corporate and financial investigations, legal, physical security,
systems operations and systems development.This role will provide
vision and leadership necessary to manage risk to the organization
to ensure business alignment, effective governance, operational
efficiency and performance monitoring and measurement. The position
will make recommendations for executive level actions through both
informal and formal means, including but not limited to executive
level metrics, dashboards, risk analysis and mitigation, acceptance
and reporting. This role will implement programs and processes to
comply with national, local, and global information security and
privacy regulations.This role will lead IT Risk Assessments to
identify key corporate security vulnerabilities that affect the
confidentiality, integrity and availability of company confidential
data and provides support to systems owners to address and
implement solutions to identified security and risk issues. The
role will support security and privacy audits and develops a
mitigation strategy for the issues discovered. Finally, the
position will prioritize the protection of valuable information and
maintain the confidentiality and integrity of company and customer
data through implementation of various security programs and
technology platforms.Responsibilities:Position Details:Keeps
abreast of industry trends and current emerging risksDevelop and
maintain Cyber Security MTI specific program in accordance with
leading standards i.e NIST, CSF and ISO.Lead assessments of current
security technology and authentication systems and evaluate against
Federal and State Information Protection and Privacy regulations,
MTI Information Security Policies, and other relevant regulations
pertaining to the protection of Enterprise Information assets with
respect to information security.Develop and advance MTI information
security policies, standards and procedures in conjunction with the
application and technology teams responsible for the day to day
systems configuration and operation.Lead the assessment and review
of new and existing technology infrastructure to identify key risk
areas, and ensure adequate levels of control are in place to
address those risks and develop risk mitigation techniques and
processes to ensure that all reviews as actionable by system
manager and the operations staff.Lead the consultative process and
advise personnel in IT departments to coordinate information
security activities.Support Information Security Officer in
Information Security activities as needed.Develop and lead
activities supporting the IT Risk Management process such as data
classification and security controls maintenance.Lead Collaborative
programs with personnel in IT and all business units to ensure that
electronic data security is consistently implemented throughout the
Enterprise.Update skills as necessary to support MTI Information
Security and remain knowledgeable of industry standards and
advancements.Assist with the design and administration of Cyber
Security Awareness Training, including reporting.Assist with the
coordination and remediation of found vulnerabilities.Develop
presentations and other materials to communicate Cyber Security
initiatives to all staff, senior management.OE/LeanActively
participate in the implementation of sustainable improvement
processes, such as 5S, Kaizen, Daily Management Control, Standard
Work and Problem Solving.Qualifications:Experience:Should have
clear understanding of all domains on information security and as
per ISO27001 guidelines (globally accepted framework) and have
relevant experience in auditing information systems from a
technology and physical security perspective.Should have detailed
understanding on below technologies.Network Devices (Fortinet
Firewall - Hands-on Mandatory )Anti-Malware solutions (McAfee
preferred)Intrusion Prevention SystemsWeb Content filtering
solutions (Umbrella preferred)DLP Technologies - Host, Email,
WebWeb Application FirewallsSIEM (Security Information and Event
Management) Solution (IBM QRadar preferred)Certifications
(Desirable)CISA (Certified Information Security Auditor) ORCISM
(Certified Information Security Manager) ORCertified Information
Systems Security Professional (CISSP)CompTIA Security+Knowledge of
Cyber Security Framework for e.g. NIST, CSF would be desirable.
Minimum of 7+ years of experience in information services with 5
years of demonstrable and progressive experience operating within
Information Security domains. Require in-depth understanding of
Information Security practices for network, servers, databases,
applications, and advanced use of Information Security assessment
techniques.Education:Bachelor's Degree is required. Concentration
in computer science with emphasis on IT security
preferred.Knowledge, Skills & Abilities: Incumbent must have a
well-developed business understanding, working knowledge of
customer requirements and demonstrate a balance between analytical
and creative thinking. Incumbent must also be a self-starter who
seeks responsibility and is able to work with minimal direction.
Incumbent must have demonstrated a willingness to challenge
conventional ideas, be flexible, innovative, and be able to
function effectively in a team environment and possess superior
analytical and problem-solving skills. Incumbent must be proficient
in personal computers and related databases. Computer skills
required include knowledge of spreadsheets, database and word
processing software on PC based systems. Incumbent must possess
excellent organizational and communication skills. Incumbent must
possess strong interpersonal skills and have the ability to
communicate.While performing the duties of this job, an employee is
typically required to have the ability to coordinate movements,
regularly stand, walk, bend, squat, climb, reach, crouch, and kneel
during a work shift, have manual dexterity, select and use
appropriate equipment/tools to accomplish job duties, read, write,
listen, speak and understand English, follow all instructions and
other oral/written information, visually inspect equipment/work
area, complete paperwork and other documentation accurately,
identify, analyze, troubleshoot and solve issues using judgment,
react quickly as needed, be organized and detail oriented, be able
to identify/judge the urgency of a situation, use judgment in
decision making, make decisions in a timely manner, manage multiple
priorities, communicate effectively with others, be aware of
oneself in relation to surrounding equipment, and work
independently. Ability to instruct/transfer job
information/knowledge to others is preferred.The employee is
expected to be self-directed, take initiative and be persistent
when appropriate to accomplish necessary duties and keep busy
without prompting. Additionally, the employee is expected to be
adaptable/flexible to changing work assignments, have a high level
of integrity, dependability, and self-control to maintain
composure, perform multiple tasks at once, learn and memorize
procedures, manage time effectively and efficiently, meet
established deadlines, display a cooperative demeanor, read,
understand, and follow all company, job specific and safety
policies/procedures, and attend/use all required training.Travel:
Travel to other work sites may occurIND123
Keywords: Minerals Technologies, Bethlehem , Cyber Security Manager, Executive , Bethlehem, Pennsylvania
Click
here to apply!
|