Listing Description
Oshkosh Corporation owns significant assets in the form of information. Some of these assets lose substantial value if they are improperly disclosed, and similar disclosure of other assets could result in significant harm to the organization. This role will support the Global Cybersecurity Office mission by working with the business as a trusted advisor to reduce information security risks to acceptable levels.
Job Duties:
These duties are not meant to be all-inclusive and other duties may be assigned.
· Manage the activities of the Cybersecurity team responsible for incident response, threat intelligence, IoT security (operational technology, product technology security), systems operations/engineering (SecOps), architectural support, secure design, risk analysis, vulnerability management and threat hunting.
· Manage the activities of the Cybersecurity team responsible for government classified systems, supplier cyber risk management, U.S. Department of Defense cyber compliance and certification, training/education/awareness, ambassador program, social media monitoring and insider threat program.
· Contribute to the development, maintenance, and execution of the Cybersecurity strategy by providing thought leadership on all aspects of Cybersecurity. Partner with business leadership to align and integrate cybersecurity and business strategies.
· Advocate for security policy compliance and risk mitigation during planning sessions and implementation of new services, applications, platforms and oversee projects and technical implementation as needed.
· Provide leadership support of security audits, assessments, contractual requirement analyses, and forensic investigation activities.
· Monitor compliance with existing security policies and propose changes to improve operating efficiency, regulatory alignment and risk mitigation.
· Coordinate with business team (e.g. IT, HR, Engineering) to establish plans to mitigate new cyber risks associated with new business activities. Partner closely with business leadership to effectively communicate alternatives and risk mitigation recommendations.
· Manage a staff of information security professionals, hire and train new staff, conduct performance reviews, and provide leadership and coaching, including technical and personal development programs for team members.
YOUR EXPERTIENCE AND EXPERTISE:
· Bachelor’s degree in Information Systems, Management or equivalent.
· Ten (10) or more years of Information Security/Cybersecurity experience.
· Five (5) or more years of Information Security/Cybersecurity management experience.
· Ability to travel 10% of time.
STANDOUT QUALIFICATIONS
· Graduate degree in Information Systems, Management or equivalent.
· Relevant industry recognized certifications (CISSP, CISM, CEH, GIAC, Security+, etc.).
· Ability to interact with company personnel, build strong relationships at all levels and across all business units and organizations, and understand business imperatives.
· Strong understanding of the business impact of security tools, technologies and policies.
· Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies.
· Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, management and business personnel.
· Experience with project management, audit, defense-in-depth security systems, incident response, vulnerability management, IT infrastructure, regulatory laws/framework.
Listing Details
- Salary: $180000 - $200000
- Citizenship: Us Citizen
- Incentives: Bonus
- Education: Bachelors Degree
- Travel: Not Provided
- Telework: Full Telecommute