Director, Information Security & Digital Workplace Technology

Director, Information Security & Digital Workplace Technology

IMPACT and OPPORTUNITY

The Director, Cyber Security & Workplace Technology will partner closely with multiple cross-functional teams within a global organization to understand their business requirements for developing, implementing and monitoring a strategic and comprehensive enterprise cybersecurity and IT risk management program. You will be responsible for defining, articulating, developing, and implementing the vision and leadership necessary to manage risk to the organization and will partner and align with the business and operations to attain business alignment, effective governance, system and product availability, integrity and confidentiality. This position will report to the Chief Information Officer.

ESSENTIAL FUNCTIONS AND RESPONSIBILITIES

• Demonstrated experience in leading and mentoring a team of security and digital workplace professionals, guiding them in safeguarding companies infrastructure and data. Proficient in overseeing the deployment of complex application integrations to ensure comprehensive protection measures are in place.
• Implement post-acquisition security plans to bring acquired companies into Gentherm security standards
• Project management experience within the IT function, particularly in successfully implementing complex applications involving multiple integrations and data sets
• Information security professional with a proven track record in implementing and adhering to ISO 27001 and ISO 27002 standards, NIST Cybersecurity Framework, or COBIT, ensuring meticulous compliance with their requirements.
• Experience in managing and coordinating the TISAX assessment and certification activities within the organization.
• Capable of delivering presentations and communicating security incidents, reports, and metrics to top-level executives in a confident and smooth manner
• Enhance and refine our incident response plans and procedures, leveraging expertise and knowledge, to guarantee a prompt and efficient response to security incidents
• Expertise in implementing vulnerability management programs, conducting vulnerability assessments, and overseeing the patch management process to address identified vulnerabilities.
• Seeking a professional with expertise in ensuring compliance with GDPR and other relevant standards, with experience working with Europe and Asia.

OTHER CORE FUNCTIONS

• Promptly responding to incidents and threats, including Business Email Compromise (BEC), Data Breaches, and Phishing
• Provide project management and leadership to internal and external resources in support of established goals and objectives, improved efficiencies, and problem resolution
• Develop, maintain, and publish up to date security policies, standards and guidelines and oversee training and dissemination of policies and practices
• Strong working knowledge and expertise in Azure security, including an in-depth understanding of conditional access policies, endpoint manager, MDM toolsets, and software stores. Ability to integrate and optimize these systems for enhanced security.
• Evaluate new cybersecurity threats, strategic risk and IT trends and develop effective security and technical controls
• Plans, organizes and directs a variety of operations, security, network, systems and application deployment either host in the cloud or on premise and support infrastructure
• Support the operation and continued strengthening of enterprise access management services, including things such as Single Sign On (SSO, IAM), Multi-Factor Authentication (MFA) and Privileged Access Management (PAM) platforms
• Overseeing information security and conducting audits of digital workplace technologies, encompassing both external and internal audit requirements. Previous experience with publicly traded companies is advantageous.
• Analyzes and understands business needs; develop and recommends plans/solutions for meeting the information systems and technical security support needs

MINIMUM QUALIFICATIONS

• Bachelor’s degree in Information Systems, Information Technology, Computer Science, Finance or Engineering
• Eight (8) years of directly related IT cyber risk and compliance experience or twelve (12) years of equivalent experience in IT risk, IT Compliance, continuous process improvement, and third-party vendor management
• 8+ years of business IT experience including relevant security/cyber risk and compliance experience
• Minimum 3+ years of experience with various technology and application integration projects
• Minimum 3+ years of experience with process improvements or data solutions implementations
• A strong working knowledge of, but not limited to, SOC 2, CCPA, NIST, ISO 27001/2 and other applicable industry standards.
• Experience with Mergers and Acquisitions (M&A) processes, including conducting due diligence, developing integration plans, executing strategic actions, and assessing the impacts on IT infrastructure.
• Strong communication and interpersonal skills as this role collaborate with IT teams, business partners including operations, finance, HR, Sales and Engineering, as well as third-party vendors
• Demonstrated ability to lead and drive change in a complex matrix environment
• Ability to establish rapport, credibility, and influence to drive results outside of the support team
• Minimum 2+ experience working on Azure Cloud, Data Pipeline, Azure Synapse,

PREFERRED QUALIFICATIONS

• Security-related certification (CISSP/CISM/CRISC)
• Azure-related experiences including (Azure Security Technologies, SOAR, IAM)
• Demonstrated, progressive experience in the management and supervision of technical professionals
• Demonstrated proficiency in Microsoft licensing software, coupled with a thorough understanding of its licensing structure and mechanisms
• Experience in leading an enterprise development workstream involving several systems and diverse skillsets in a global company
• Tier I or II Automotive supplier experience
• Experience with enterprise applications like SAP ERP, CRM etc.

NICE TO KNOW

TRAVEL: Up to 15% Global Travel, etc.

LEADERSHIP RESPONSIBLITIES: People Leader ~ 6 direct reports

COMPETENCIES

• Deliver Results
  • Understand the mission and output of your team; set SMART objectives and deliver
• Drive Change
  • Focus on agility and commitment to continuous improvement; Understand and act on internal and external drivers of change
• Build Capability
  • Foster a culture of learning and development; Support individual growth through continuous feedback to achieve personal and professional goals
• Cultivate Innovation
  • Openly embrace, create, implement and support new and innovative ideas, processes and technology that deliver business results

PHYSICAL DEMANDS/WORK ENVIRONMENT

All positions in our office require interaction with people and technology while either standing or sitting. In order to best serve our customers, internal and external, all associates must be able to communicate face-to-face and on the phone with or without reasonable accommodation. Gentherm is committed to compliance with its obligations under all applicable state and federal laws prohibiting employment discrimination. In keeping with this commitment, it attempts to reasonably accommodate applicants and employees in accordance with the requirements of the disability discrimination laws. It also invites individuals with disabilities to participate in a good faith, interactive process to identify reasonable accommodations that can be made without imposing an undue hardship.