Director - Information Security Operations

ON Semiconductor Phoenix , AZ 85002

Posted 7 months ago

The Director, Information Security Operations develops, coordinates, and evaluates ON Semiconductor policies, procedures and standards to monitor and ensure protection of information assets. This individual collaborates with any and all organizations necessary to respond to information security incidents. The Director leads and oversees a team that ensures security, privacy, ethics, and appropriate use of enterprise systems and information. This individual reports to the Chief Information Security Officer.

Value proposition:

ON Semiconductor was recently named one of the world's most ethical companies and our Core Values of respect, integrity and initiative are on display each day. You'll have an opportunity to join a growing information security team focused on protecting critical information assets while enabling business internationally. Additionally, you will interact with leaders inside and outside of company as you lead a team of high-performance employees, contractors and partners.

Role Responsibilities:

The key responsibilities of the role are to lead and oversee at team of professionals to:

  • Analyze infrastructure, application, and data security events including intrusion detection analysis

  • Collect and correlate network and user activity to identify instances and trends of unauthorized use

  • Document technical and security incident reports, e.g., "spills" and identify continuous improvement opportunities

  • Report emerging threats and vulnerabilities to aid in the identification and prevention of incidents

  • Perform investigations as directed by the CISO, CIO, Chief Privacy Officer, and Chief Compliance and Ethics Officer

  • Gather, analyze and report key performance indicators and recommendations to executives

  • Drive incident response, mitigating actions, and forensics analysis when necessary

  • Perform vendor management to ensure performance meets or exceeds service level agreements

  • Coach, mentor, teach and direct internal staff

  • Develop five-year strategic plan, forecast resources, adhere to budget

Candidates will be evaluated based on their ability to perform the duties listed above while demonstrating the skills and competencies necessary to be highly effective in the role. These skills and competencies include:

  • Strong interpersonal and executive communication skills

  • Ability to effectively negotiate and influence others to modify their opinions, plans, or behaviors

  • An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business

  • An understanding of organizational mission, values, and goals and the consistent application of this understanding

  • Escalation of issues early and ability to manage customer expectations effectively

  • Anticipate problems, identifies solutions and addresses issues creatively

  • Ability to react quickly, decisively, and deliberately in high-stress, high-impact situations

  • Strong decision-making capabilities, with a proven ability to weigh relative costs and benefits of potential actions and identify the most appropriate one

  • Technical expertise in common security operations center tools and techniques e.g., SIEM, UBA, firewalls and troubleshooting

Candidates will be evaluated primarily upon their ability to demonstrate the competencies required to be successful in the role, as described above. For reference, the typical work experience and educational background of candidates in this role are:

  • BS, MS, or MBA in Computer Science, Information Security, or a related field.

  • Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM)

  • 8 years of experience in information security, especially in a leadership role with a Computer Incident Response Team (CIRT) or a Security Operations Center (SOC)

  • 5 years of experience in another IT function, e.g., software development or infrastructure administration

  • 3 years of experience with regulatory compliance and information security management frameworks (e.g., GDPR, IS027000, COBIT, NIST 800, etc.)

  • Ability to obtain US government security clearance

ON Semiconductor (Nasdaq: ON) is driving energy efficient innovations, empowering customers to reduce global energy use. The company is a leading supplier of semiconductor-based solutions, offering a comprehensive portfolio of energy efficient power management, analog, sensors, logic, timing, connectivity, discrete, SoC and custom devices. The company's products help engineers solve their unique design challenges in automotive, communications, computing, consumer, industrial, medical, aerospace and defense applications. ON Semiconductor operates a responsive, reliable, world-class supply chain and quality program, a robust compliance and ethics program, and a network of manufacturing facilities, sales offices and design centers in key markets throughout North America, Europe and the Asia Pacific regions. For more information, visit http://www.onsemi.com.


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Chief Information Security Officer (Ciso) Director IT

Freeport-Mcmoran Copper & Gold Inc.

Posted 2 weeks ago

VIEW JOBS 2/4/2020 12:00:00 AM 2020-05-04T00:00 Freeport-McMoRan is a leading international mining company with headquarters in Phoenix, Arizona. We operate large, long-lived, geographically diverse assets with significant proven and probable reserves of copper, gold, and molybdenum. The company has a dynamic portfolio of operating, expansion and growth projects in the copper industry. Freeport-McMoRan is one of the world's largest publicly traded copper producers, the world's largest producer of molybdenum and a significant gold producer. We have a long and successful history of conducting our business in a safe, highly efficient and socially-responsible manner. We have the assets, the talent, the drive and the financial strength to provide attractive and rewarding careers of our employees. We encourage you to take the time to explore the opportunity to advance your career at Freeport-McMoRan. Description This is the top information and cyber-security executive in the company. The CISO will oversee and coordinate global security strategy and drive cyber-risk governance across the company, including efforts around security operations, cyber threat intelligence, security architecture, and program management. The CISO will be the primary liaison and change agent for all security matters associated with information technology, operations, engineering, human resources, communications, legal, risk, and facilities management. * Oversee and develop a team of security managers and strategic vendors who safeguard the company's assets, intellectual property, data and computing systems. * Overall accountability to set the vision and establish direction for the global cyber security program that is clearly aligned with the strategic objectives and priorities of Freeport and its businesses. * Manage the development and implementation of global security policy, standards, guidelines and procedures to ensure ongoing maintenance of the cyber security program. Physical protection responsibilities will include asset protection, access control systems, video surveillance, and more. Information protection responsibilities will include data privacy and protection, mobile and endpoint security, threat detection and hunting, vulnerability management, application security architecture, identity and access management, cyber resiliency, network security architecture, network access and monitoring policies, employee education and awareness, and more. * Collaborate with the executive team to prioritize security initiatives and spending based on appropriate risk management and/or financial methodology. Prepare and present regular board-level reporting to create awareness of emerging risks and the company's cyber preparedness. * Oversee incident response planning, as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary. * Maintain relationships with local, state and federal law enforcement and other related government agencies. * Perform other duties as required. Qualifications Minimum Qualifications * Bachelor's degree in Computer Science, MIS, Cyber Security or related field * Fifteen (15)+ years of total experience in Information Technology, including ten (10)+ years of experience in security leadership and management to include, * Collaborative management style * An intelligent, articulate and persuasive leader who can serve as an effective member of the senior management team and who is able to communicate security-related concepts to Executives, Board of Directors and a broad range of technical and non-technical staff * Experience with business continuity planning, auditing, and risk management, as well as contract and vendor negotiation * Knowledge of pertinent law and the law enforcement community * Demonstrated ability to manage and mentor large complex teams, including teams using a mix of in-house professionals, outsourced providers, and contractors * Demonstrated experience in a mixed Information Technology and Operating Technology environment Preferred Qualifications Experience in: * Selecting and managing outsourced business partners * Providing input on the security and risk implications from business and technology transformation activities * Leading security technology changes, and providing direction to teams on project issues * Cloud and on-premise information security challenges and developing programs to address cyber and security risks * Working in a distributed business environment, including working with offshore and remote business leaders and teams * Working with compliance functions and teams * Providing executive level feedback and communication on relevant current security and cyber topics, current program objectives and progress, and risks associated with business decisions or initiatives * Demonstrating compliance with industry leading practices for cyber-security Criteriea/Conditions * Ability to understand and apply verbal and written work and safety-related instructions and procedures given in English * Ability to communicate in English with respect to job assignments, job procedures, and applicable safety standards * Must be able to work in a potentially stressful environment * Some travel to all global operating locations will be required in this position * Project demand will dictate varied work hours * Position is in a busy, non-smoking office located in Phoenix, AZ * Location requires mobility in an office environment; each floor is accessible by elevator * Occasionally work will be performed in a mine, outdoor or manufacturing plant setting * Must be able to frequently sit, stand and walk * Must be able to frequently lift and carry up to ten (10) pounds * Personal protective equipment is required when performing work in a mine, outdoor, manufacturing or plant environment, including hard hat, hearing protection, safety glasses, safety footwear, and as needed, respirator, rubber steel-toe boots, protective clothing, gloves and any other protective equipment as required * Freeport-McMoRan promotes a drug/alcohol free work environment through the use of mandatory pre-employment drug testing and on-going random drug testing as per applicable State Laws Freeport-McMoRan has reviewed the jobs at its various office and operating sites and determined that many of these jobs require employees to perform essential job functions that pose a direct threat to the safety or health of the employees performing these tasks or others. Accordingly, the Company has designated the following positions as safety-sensitive: * Site-based positions, or positions which require unescorted access to site-based operational areas, which are held by employees who are required to receive MSHA, OSHA, DOT, HAZWOPER and/or Hazard Recognition Training; or * Positions which are held by employees who operate equipment, machinery or motor vehicles in furtherance of performing the essential functions of their job duties, including operating motor vehicles while on Company business or travel (for this purpose "motor vehicles" includes Company owned or leased motor vehicles and personal motor vehicles used by employees in furtherance of Company business or while on Company travel); or * Positions which Freeport-McMoRan has designated as safety sensitive positions in the applicable job or position description and which upon further review continue to be designated as safety-sensitive based on an individualized assessment of the actual duties performed by a specifically identified employee. Equal Opportunity Employer/Protected Veteran/Disability Freeport-Mcmoran Copper & Gold Inc. Phoenix AZ

Director - Information Security Operations

ON Semiconductor