The CISO will direct and develop the Corporate Information Security team while managing global cyber security risk. This includes architecture, policy, incident response, and all other aspects of a modern cyber security program. To be successful, the CISO will balance cyber risk with the operating models of various business units to sustain a secure but productive workforce. This professional will have strategic and tactical control over the program while ensuring the various needs of the businesses and IT are being met. The CISO is strongly connected to Howmet’s Legal teams and Privacy Office, ensuring that regulatory requirements are achieved throughout the entirety of the program.
Mitigating current-day threats, as well as anticipating and controlling for tomorrow’s, is a critical aspect of this role. Critical thinking, problem solving, and strong communication across all levels of seniority are a must. All these skills will be used to collaborate effectively with various company leaders, IT and non-IT, to ensure that business goals are being met and conflicting interests are balanced appropriately.
- Manage and develop the implementation of global security policy, standards, guidelines, and procedures to ensure ongoing maintenance of security for the business
- Develop roles and responsibilities throughout the organization from a security perspective
- Develop and implement technology solutions and processes that allow secure access to information assets
- Facilitate change management to assist with the rapidly growing world of cyber security
- Experience with protecting Industrial Control Systems / Operational Technology
- Experience with defense regulations such as EAR-99, ITAR, DFARS, and CMMC
- Experience with using industry-leading cyber frameworks such as NIST 800-53 and 800-171
- Collaborate with various business partners to ensure their needs are incorporated into the program
- Operate company’s e-discovery program
- Participate in privacy office as a key knowledge holder of various data privacy regulations such as GDPR
- Ensure information security is addressed as business risk
- Communicate, at an expert level, to all levels of the organization
- Present program updates to leaders, executives, and Board of Directors
- Bachelor's degree in Information Technology from an accredited institution
- Must have experience as a CISO or Business Information Security Officer (BISO) executive with a minimum of 7 years of information security management experience
- Employees must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire. Visa sponsorship is not available for this position
- Degree in cyber security
- Master's degree in Information Technology
- Strong quantitative and analytical abilities with deep understanding of how to develop relevant metrics that not only track activity but also quantify the impact of security initiatives on the financial performance of the business
- Experience in designing enterprise-wide information & physical security organizational structures and processes
- Proven track record of excellent executive communication skills