Information Security Manager

Description:

 

The Automation Solutions Group Information Security Leader (GISL) and Security Manager (GISM) will represent Automation Solutions in liaising with the Corporate and other Platform Level Cyber Security organizations. The AUTOSOL GISM will represent Automation Solutions Platform on the Emerson Corporate Information Security Council and participate in corporate strategy and program development, this role will also participate in relevant IT Council meetings.

 

The GISL and GISM will work jointly with the Automation Solutions Infrastructure Security Operations Organization to ensure that processes and controls are implemented and adhered to.

 

The GISM role will maintain a dotted line relationship to the Emerson CISO and have regular 1-1 meetings to discuss performance, threats, and priorities.

 

Responsibilities:

 

Strategy & Policy Development

o   The GISM and GISL will work jointly with the Emerson CISO and cross functional teams to develop Emerson’s overall Information Security Strategy

o   Align with the business needs of the AUTOSOL Platform, Business Groups and Business Units to represent specific security strategies and controls to the Security Council

o   Leverage your expertise and knowledge of the Broader Cyber Security Organization to Provide leadership and expertise within the Automation Solutions Senior Leadership forums and meetings like Information System Advisory Board, Digital Customer Experience Board, etc.

o   Work with the Security Council in the development and support of a security program and framework built around ISO/IEC 2700x, Support Business Platform, Business Group and Business Unit implementations where appropriate

Governance

o   The GISM and GISL will work jointly with the Automation Solutions Infrastructure Security Operations Organization to ensure implementation of security policies, processes, and procedures for ensuring and maintaining a secure environment

o   Working closely with the Security & Operations teams, participate in the Incident Response process to ensure that any active incidents are quickly contained and remediated. Providing appropriate reporting to Stakeholders/Senior Management

o   Work with the relevant Domain Architects and Design Teams to insure compliance is built into systems architecture

o   Assist with Disaster Recovery and Business Continuity planning at all levels of the company

Audit & Compliance:

o   The GISM and GISL Work with the CISO and Platform stakeholders to establish audit criteria and oversight

o   Work within business function to attest appropriate external auditing requests and perform gap analysis to meet business and customer requirements

§  Work with Security Council, Law Department, Contracting, Supply Chain on language and clause requirements to meet regulatory and customer requirements

o   Work with Business Units to assist with compliance to security policies

o   The GISM and GISL will represent AUTOSOL at all levels during IT Security and compliance audits

o   Manage compliance issues to remediation

o   Provides management with compliance reporting, audit findings, and risk assessments

Oversight, Communication & Awareness

o   Chair the Automation Solutions Information Security Steering Team and provide leadership and direction to the Business Unit Information Security Leads, ensure alignment with the overall Emerson Security Program and Policies

o   Advise system and application owners regarding security considerations in applications systems procurement or development, implementation, operation and maintenance, and disposal activities (i.e. Secure Development Life Cycle)

o   The GISM and GISL will advocate adherence to Policies, Risk Management Programs, and Security programs to the Business Platform, Business Groups and Business Unit management

o   Work with the Security Council to Monitor and communicate changes in regulations and legislation that affect information security and other areas of risk management to the Business Units

o   Developing and maintaining an active relationship with the platform brand officer, platform legal counsel, and product security teams

Program Implementation

o   Overall responsible for management of, coordinating, and communicating key programs/policies at all levels of Automation Solutions

§  IT Audit

§  Information Protection and Information Risk Management

§  Secure Development Life Cycle

§  Threat and Vulnerability Management

§  Security Awareness and Education

§  Information Security Governance

o   Perform Impact Analysis on Business Units for Information Security Initiatives (e.g. Polices, Standards)

 

Requirements:

  • Bachelor’s Degree in Business or a Technical Field
  • Masters in Cyber Security, Business Administration or related field
  • 5+ years of work experience in information security, audit, networking, information technology, business analysis, or consulting
  • Experience with vulnerability frameworks (OWASP, etc.)
  • Experience with governance standards (NIST CSF, ISO27001, CSA, etc.)
  • Incident remediation, vulnerability assessment, and penetration testing experience a plus
  • Knowledge of event logging, threat correlation, and other incident response toolsets
  • Excellent oral, written and presentation skills
  • Fluent in English (speaking / reading / writing), other languages an advantage
  • Willing to travel globally for short periods of time on occasion – up to 20%

In-depth knowledge of the following security technologies would be advantageous:

  • Active Directory
  • Endpoint Security Management
    • Anti-malware Management
    • Vulnerability Management
    • Encryption
  • Network Security
    • Firewalls / Intrusion Detection System / Intrusion Prevention System
  • Application Security
    • Secure Development Life Cycle Processes and tools
  • Security Controls
    • Technical, Procedural
    • Cloud Access Security Brokers and Cloud Workload Security Services
    • ISO/IEC 27001 Series standards and other relevant information security standards or audit criterion like SSAE 16 Type II, Sarbanes Oxley, General Data Protection Regulation (GDPR), and NIST 800-171

Work Authorization

No calls or agencies please. Emerson will only employ those who are legally authorized to work in the United States. This is not a position for which sponsorship will be provided. Individuals with temporary visas such as E, F-1, H-1, H-2, L, B, J, or TN or who need sponsorship for work authorization now or in the future, are not eligible for hire.

 

Equal Opportunity Employer

Emerson is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, age, marital status, political affiliation, sexual orientation, gender identity, genetic information, disability or protected veteran status. We are committed to providing a workplace free of any discrimination or harassment.

 

If you have a disability and are having difficulty accessing or using this website to apply for a position, you can request help by calling 1-314-553-2544 (V/TTY/TDD) or by sending an email to [email protected].

 

About Emerson

Imagine being surrounded by intelligent, driven, and passionate innovators all working toward the same goal—to create groundbreaking solutions that leave our world in a better place than we found it. Emerson is a global technology and engineering company providing innovative solutions for customers in industrial, commercial, and residential markets.

 

Our Emerson Automation Solutions business helps process, hybrid, and discrete manufacturers maximize production, protect personnel and the environment while optimizing their energy and operating costs. Our Emerson Commercial and Residential Solutions business helps ensure human comfort and health, protect food quality and safety, advance energy efficiency, and create sustainable infrastructure.

 

A dynamic environment is what you’ll discover at Emerson, a Fortune 500 company with $14.5 billion in sales and 155 manufacturing locations worldwide. Together, we’re changing the world, and we have all the resources to help you achieve your professional goals.

 

Whether you’re an established professional looking for a career change, an undergraduate student exploring options, or recently received your MBA degree, you’ll find a variety of opportunities at Emerson. Join our team and start your journey today.

 

 

Source:https://emerson.taleo.net/careersection/ex/jobdetail.ftl?job=58974&src=JB-10086