Information Security Director jobs in Cary, NC

Business Overview

Element Solutions Inc. (NYSE: ESI) is a leading specialty chemicals company whose operating businesses (see below) formulate a broad range of solutions that enhance the performance of products people use every day. Developed in multi-step technological processes, our innovative solutions enable our customers' manufacturing processes in several key segments, including electronic circuitry, communication infrastructure, automotive systems, industrial surface finishing, consumer packaging, and offshore energy.

Customers of ESI’s businesses use our innovation as a competitive advantage, relying on ESI to help them navigate in fast-paced, high-growth markets. The breadth of ESI’s offerings provides strong strategic value to the end markets they serve. With over 5,500 people in operating facilities across more than 50 countries, ESI has established a growing legacy of creating technological advances for customers around the globe. Our people and technical sales teams are located close to our key markets, allowing us to maintain strong customer relationships and accelerate our product innovation process.

The company has two segments: Electronics and Industrial & Specialty.

The electronics segment is made up of:

Circuitry (MacDermid Enthone), and Semiconductor & Assembly Solutions (Alpha & Compugraphics) businesses.

The Industrial & Specialty segment is made up of:

Industrial (MacDermid Enthone), Graphics (MacDermid Graphics) and Energy (MacDermid Offshore) businesses.

Together with annual sales of US $2,400 million in FY2021. Shown below are overview pages of financial information, product applications, and regional breakdowns, summarized from various presentations within our Investor Relations site at Investor Relations :: Element Solutions Inc (ESI)

Job Purpose

The Director of Information Security Operations serves a key member of the Information Security leadership team and will act as a consensus builder, problem solver, and team leader for the overall security organization. The Director of Information Security Operations is a critical role that requires an individual with a strong technical background as well as innate understanding of balancing security requirements with business objectives. The Director of Information Security Operations will act as an empowered team member with the CISO during planning and design initiatives to ensure security measures are incorporated into the IT strategy and priorities are clearly understood/defined. This individual will lead a global team responsible for continuously monitoring Element’s network and responding to cyber security threats, anomalies, and attacks in partnership with our 24x7 managed SOC.

In this role, the Director of Information Security Operations must also articulate and intimately understand technical and complex information security threats, methodologies, frameworks, technologies, and architectures. They should draw from previous hands-on experience to navigate technical decisions and challenges. This deep level of knowledge and fundamental understanding is critical to appropriately communicating, prioritizing, and mapping disparate technical data to actionable business risks – as well as holding others accountable. The Director of Information Security Operations will assist with security modernization, simplification, and automation to streamline operations and the overall security architecture.

Job Responsibilities

Manage Element’s detection and response capabilities including software, third party security operations center, and threat hunting. Lead the team responsible for security investigations and digital forensics.
Develop Element’s critical incident response program and manage security incidents and events to protect Element assets, including intellectual property, IT assets, and the company's reputation.
Investigate security alerts and provide incident response.
Monitor identity and access management, including monitoring for abuse of permissions by authorized system users.
Develop and enhance an information security and cyber defense management framework.
Coordinate and manage external relationships as it relates to security assessment services as well as incident response requirements.
Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services
Collaborate and assist with the development and communication of Element’s security policies and standards to ensure compliance.
Provide strategic and tactical security guidance for all Element Enterprise IT projects, including the evaluation and recommendation of technical controls.
Ensure that security programs are in compliance with applicable laws, regulations and policies to minimize or eliminate risk and audit findings.
Liaise between the security team, risk management, IT, audit, legal and HR management teams as required.
Recruit, train, motivate, mentor, lead, and retain quality security team members to ensure proper progression and skillset coverage is in place as the information security program grows and matures.
Develop business-relevant metrics to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation and increase the maturity of the security program.
Keep up to date with the latest security and technology developments.
Research/evaluate emerging security threats and ways to manage them.
Ensure monitoring for attacks, intrusions and unusual, unauthorized or illegal activity.
Drive the testing and evaluation of security products.
Design new security systems or upgrade existing ones.
Use advanced analytic tools to determine emerging threat patterns and vulnerabilities.
Engage in 'ethical hacking', for example, simulating security breaches.
Identify potential weaknesses and implement measures, such as firewalls and encryption.
Monitor and respond to 'phishing' emails and 'pharming' activity.
Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues.
Assist in the building and implementing of a robust and secure Identity and Access Management plan.

Requirements & Qualifications

• 8 years of similar or relatable technical security leadership experience; with a global company preferred
• Language: fluent English is essential
• Strong knowledge of technological trends and developments in the area of security, privacy, and risk management.
• Strong understanding of network fundamentals and protocols to be able to provide input into firewall, intrusion detection / prevention, penetration testing, and incident analysis and recomendations.
• Project management skills, scheduling and resource management.
• Knowledge of security, service, and control frameworks, such as ISO/IEC 27001, NIST, ITIL, SOX, and GDPR.
• Knowledge of latest information security technologies and services such as EDR, SOC, NDR, SIEM, SOAR, and XDR.
• Excellent written and verbal communication skills and high level of personal integrity
• Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
• Experience with contract and vendor negotiations and management including managed services.
• Experience with Cloud computing/Elastic computing across virtualized environments.
• Demonstrated leadership in a multi-cultural setting
• Business process analysis, design, and improvement skills
• Team-oriented
• Ability to explain complex technical information clearly to business stakeholders
• Analytical and problem-solving skills, including the ability to present solutions/alternatives and influence the outcome of decisions
• Self-starter with demonstrated initiative and hands-on
• Strong drive with the ability to make things happen. Comfortable in a dynamic environment.

Education

EEO Statement

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.