Senior Manager, Cybersecurity Operations
Howmet Aerospace
- Pittsburgh, PA
- $150,000-175,000 per year
- Permanent
- Full-time
- In partnership with the CISO, develop and implement the overall information security strategy, policies, and procedures in alignment with business goals and industry best practices
- Manage team responsible for cybersecurity engineering, vulnerability management, incident response, security awareness and maintaining Cyber internal website
- Lead and manage a team of information security professionals, providing guidance, mentorship, and performance feedback; fostering a team environment built on trust, innovation, and integrity
- Collaborate with cross-functional teams, including IT, legal, compliance, risk management, and business units, to ensure effective integration of information security practices
- Oversee the development and maintenance of information security awareness and training programs for employees to foster a security-conscious culture throughout the organization
- Ensure all security tools and products are current/patched, optimized & healthy to provide maximum security levels
- Direct the facilitation of risk and vulnerability assessments throughout the organization, partnering with the information technology and business teams to develop and implement action plans, prioritizing and responding to raised issues
- Oversee incident response activities, including investigation, containment, and remediation of security incidents or breaches
- Prepare reports and presentations on key metrics and ongoing initiatives, delivering results to senior leadership, executive management, the audit committee and the Board of Directors
- Develop and maintain strong relationships with external partners, vendors, and industry groups to stay abreast of emerging threats, technologies, and industry trends
- Stay current with evolving information security regulations, laws, and industry standards, and provide recommendations and expert opinion on compliance
- Foster a culture of continuous improvement within the information security function, driving innovation, efficiency, and effectiveness
- Provide hands on assistance with security administration of the cybersecurity solutions as needed
- Provide off-hours on-call assistance as needed
- Excellent communication and interpersonal skills, with the ability to effectively collaborate with stakeholders at all levels of the organization
- Strong analytical and problem-solving abilities, with a focus on balancing security requirements with business needs
- Demonstrated experience communicating technical information to non-technical individuals or groups
- Demonstrated ability to drive change and influence organizational culture towards information security
- Bachelor's degree in information systems or information cybersecurity
- 8+ years of progressive experience in information security, with at least 3 years in a leadership role
- Strong knowledge of information security principles, technologies, and best practices, including risk management, vulnerability management, incident response, and security operations
- Experience implementing and maintaining security tools; EDR/XDR, SIEM, Vulnerability Management, Privileged Access Management, Privileged Remote Access, Enterprise Identity & Access Management, etc.
- Demonstrated experience working though a cybersecurity incident
- Demonstrated experience developing, documenting, and implementing information security strategies, policies, and procedures in a complex organizational environment
- Experience with regulatory compliance frameworks (e.g., GDPR, HIPAA, SOX) and industry standards (e.g., NIST, DARS, CMMC, ISO 27001)
- Proven ability to lead and manage a diverse team of information security professionals, including remote teams and third-party vendors
- Employees must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire. Visa sponsorship is not available for this position
- This position entails access to export-controlled items and employment offers are conditioned upon an applicant's ability to lawfully obtain access to such items
- Advanced degree in cybersecurity, information technology, or a related field
- Certified Information Systems Security Professional (CISSP) or other relevant certifications (e.g., CISM, CRISC) strongly preferred
- Experience with Manufacturing industry and Operational Technology (OT)
- Experience working in a global, public company a plus
- You'll receive a generous 401k retirement plan, medical insurance, and free access to additional resource such as our Employee Assistance Program's: counseling, legal consulting, childcare, convenience services, and more.
- Diversity Employee Resource Groups (ERGs) dedicated to fostering inclusive work environments that leverage the diversity of backgrounds, experience and thought within our organization.
- Ongoing opportunities to participate in a wide variety of Learning & Development programs.
- Offers a hybrid work schedule, promoting a collaborative work environment and flexibility.
- Participate in corporately sponsored volunteer service events
- Opportunities to plan and/or attend organized social & community based activities to build your network
- Onsite cafeteria options with a terrace overlooking the city, direct access to the Riverwalk, and a close proximity to PNC Park.
- Access to LifeBalance, where you can save money on the things we all love most - fun family time, the great outdoors, health, fitness, travel, sports, and the arts