IT Security

Overview:
At Kingspan, our future success is based on the quality of our people, who's expertise and motivation have helped ensure that we remain at the forefront of the construction materials manufacturing industry. In joining Kingspan you become an important part of a growing organization with a reputation for innovative design and use of technology, technical expertise, product quality, service excellence, and dedication to sustainability.

**_ Ready to be part of our team?_**

**_ We are looking for an IT Security & Cyber Manager for our _**
**_Caledon, Ontario, Canada, Modesto, California, OR Deland, FL_**
**_ _**
**_office _**

**_This is an in office position (not remote or hybrid). Travel within Canada and US required._**

**Summary**:The Manager of IT Security is responsible for developing and executing the Kingspan Cyber Security Strategy to ensure assets and technologies in the Kingspan Americas Division are adequately protected from cyber and data risk.

**Responsibilities**:
**Essential Duties**:

- Develop a divisional information security vision and strategy aligned to Kingspan Group organizational priorities, enabling, and facilitating the organization's business objectives and ensuring senior stakeholder buy-in and mandate.
- Build and develop a team of IT Security experts.
- Ensure Divisional Security is managed to and compliant with the Kingspan IT Manual
- Lead the Divisional IT Security Governance & Compliance and Lead the recurring Internal IT General Controls and Cyber Security Audits
- In Collaboration with other Kingspan global teams, Develop, Maintain the Divisional Cyber Security Incident Response Plan
- Lead Conduct recurring Tabletop Reviews of the Divisional Cyb3er Security Incident Response Plan
- Lead the activities of threat response and vulnerability management, identify risk plans, and recommend remediation plans.
- Lead the information security function across the Division to ensure consistent and high-quality information security knowledge and management to support the business goals.
- Provide regular reporting on the status of the information security program to senior business leaders and Divisional Leadership as part of a strategic enterprise risk management program, thus supporting business outcomes.
- Work with the vendor management teams to ensure that information security requirements are included in contracts by liaising with vendor management and procurement organizations.
- Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the Security and Data Governance Programs, facilitate appropriate resource allocation, and increase the maturity of the information security, and review it with stakeholders at the executive and board levels.
- Create and manage a targeted information security awareness program for all employees, contractors, and approved system users, and establish metrics to measure the effectiveness of this security training program for the different audiences.
- Manage the budget for the function, monitoring and reporting discrepancies.

Qualifications:
The Manager of Security & Data Governance should have:

- A technical background with a strong understanding of cloud and network security architecture. Demonstrates a deep understanding of leading-edge security tools and technologies in the marketplace. Excellent analytical skills to analyze security requirements on a divisional scale and relate them to appropriate security controls.
- Experience with Data Governance, including Data Classification, Data Discovery, Data Security, Data Retention and Data Loss Prevention (DLP)
- Experience developing people and cyber security teams.
- 15 years IT experience with at least five of those years working in an IT Security role in a technical senior, supervisory or managerial capacity.
- Experience with information security management frameworks such as: National Institute of Standards and Technology (NIST), Center for Internet Security (CIS), International Standards Organization (ISO) 27001 and other leading-edge frameworks.
- Experience in developing and execution of enterprise scale cyber security strategy ensuring alignment to overall business strategy.
- Experience in performing risk, vulnerability, business impact assessments and in defining remediation strategies.
- Experience developing and implementing policies, procedures and guidelines.
- Solid understanding of project management principles.
- Ability to translate understanding of the organization’s goals and objectives into technology requirements.
- Experience working in manufacturing, or similar industry is advantageous.

This job description indicates the general nature and level of work expected. It is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities required of the incumbent.

Incumbent may be asked to perform other duties as required.

Employment Disclaimer:
We offer a comprehensive benefits package inc