Position Type: Computer and Information Technology
The Director, Information Technology and Cyber Security position is located on site in Toledo, Ohio and is responsible for understanding our business and information technology strategy to ensure that we have the platforms, tools and capabilities required to deliver on our business and technical commitments. She/He defines and communicates plans, procedures, policies, and standards for the organization for acquiring, implementing, and operating new technology strategies, equipment and software. The Director also creates and implements integrated technology strategies to support multiple functions and processes, which includes analyzing emerging technologies and translating impact on current and future business processes.The Director holds the responsibility of CISO, Chief Information Security Officer and is responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. The Director is responsible for the creation, implementation, and oversight of strategies and programs designed to reduce and mitigate information security risk across all BCI Companies. They establish and lead an enterprise-wide information security and assurance function, ensuring that confidentiality, integrity, and availability requirements of information systems and assets are identified and managed appropriately. They lead all investigations into problematic activity and provide on-going communication with senior management. The Director also leads the design and execution of vulnerability assessments, penetration tests and security audits.
ESSENTIAL JOB FUNCTIONS
The Director, IT and Cyber Security is accountable for the following functionsfor the business units served by Shared Services:
Researching and evaluating new technologies to be used as enhancements or updates to existing server, network, and other IT infrastructure equipment;
Overseeing the maintenance of the existing IT infrastructure including firmware upgrades as necessary;
Scoping, planning and directing the department's strategic activities and timelines, coordinating with other department heads as required;
Ensuring the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers and other systems and in databases and other data repositories;
Measuring and monitoring performance to maintain uptime and stability, while striving for continuous improvement;
Leading the design and implementation of disaster recovery and business continuity plans, procedures, audits, and enhancements;
Leading the IT department on global technology development to fully secure information, computer, network, and processing systems;
Leading the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures;
Developing and communicating security strategies and plans to executive team, staff, partners, customers, and stakeholders;
Performing regular security awareness training for all employees to ensure consistently high levels of compliance;
Responsible and accountable to document and maintain the Company's system security, policies, and practices;
Drafting and enforcing appropriate Company policies on IT access and security as reviewed and approved by the President and the CHRO;
Maintaining up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors;
Remaining informed on trends and issues in the security industry, including current and emerging technologies and prices;
Managing and coordinating the department's financial and budget activities to fund operations, maximize investments, and increase efficiency;
Creating a motivational environment for employees to perform work efficiently; persuades, coaches, and creates opportunities for employees;
Providing guidance and direction to subordinates, including setting performance standards and monitoring performance;
Following and enforcing the Company's policies and procedures, including the EEO guidelines and safety, at all times
Performing any miscellaneous duties as needed.
JOB REQUIREMENTS
Education and Experience
High school diploma - Required
Bachelor's Degree in a technical or management field - Required
Ten (10) years' direct, progressive experience Security, Risk, Governance, Compliance or related professional area - Required
Five (5) years' experience managing technical teams, including proven experience coaching and directing technical people in various roles within a project-driven organization - Required
Certifications (One or more of the following desired): ISC2: Certified Information Systems Security Professional (CISSP) ISACA: Certified Information Security Manager (CISM) ISACA: Certified Information Systems Auditor (CISA) - Required
Experience leading IT and Cyber Security Teams in a multi-state structure - Highly Preferred
