Director, Cyber Security

at Standard Industries Inc.
Published June 22, 2019
Location New York, NY
Category Default  
Job Type Full-time  

Description

Standard Industries is a global industrial company with more than 15,000 employees in over 80 countries. Our industry-leading businesses include GAF, BMI Group, Schiedel, Siplast, GAF Energy, and SGI. Key related businesses include strategic investment firm 40 North and Winter Properties, a real estate investment management and development company. Through R&D, innovation, supply chain enhancement, and social impact efforts our mission is to build a better world by leading a more modern, conscious approach to industrialism.

What part will you play?

  • This exciting role will be part of the Cyber Security Center of Excellence Team, reporting to the Vice President, Technology Risk. This person will assist the Cyber Security Center of Excellence Team with implementing a cyber-security Risk Management Program for Standard Industries
  • As a Director, Cyber Security your work will help build a sense of connection and shared purpose at Standard Industries across all departments and grow awareness and understanding of Standard’s Information Security Vision
  • This role requires a smart, collaborative person who wants to be a part of a pioneering digital transformation of an industry and have a desire to develop security into a threat focused model

What will you be doing?

  • Working closely with the developers and system engineers within Standard Industries and diverse lines of business to help establish Information Security partnerships for Security Technology Standards
  • Acting as the Information Security subject matter expert to support and assist with providing guidance to Senior Management on information and cybersecurity issues
  • Assessing and evaluating information risks by conducting risk assessments and technical vulnerability assessments for new products, features, framework components, cloud-based infrastructure, and external vendors
  • Promoting awareness of information security objectives, policies, standards and processes to all Standard Industries and business line employees
  • Leading the creation of policies and standards following common Information Security frameworks such as NIST Cyber Security Framework (CSF)
  • Regularly auditing systems and applications, working with the technology and business teams to ensure security standards are at appropriate levels.
  • Assisting the CISO and VP, Technology Risk with developing and building a forward-thinking preventative Information Security Program

What do we require from you?

  • 8-10 years of professional experience with 4-6 years in a dedicated Information Security capacity
  • Knowledge and expertise in Risk Assessment and Risk Analysis
  • Deep knowledge and understanding of Information risk assessment concepts and principles in relation to risk appetite, risk tolerance, and business risk exposure
  • Hands on experience of  performing risk-based, technical assessments of applications, using both dynamic and static scanning tools
  • Willingness to learn, discover, experiment
  • Comfort in working as a team player in a start-up environment where no job is too small
  • Energetic and fast-paced, with low-ego, sense of humor and an open style
  • Willingness to travel as needed