IT Cyber Security Lead – Office or Remote job

Job Summary

The IT Cyber Security Lead performs as a subject matter expert across the Protect functions of the NIST CyberSecurity Framework for Harley-Davidson Inc. Performs security activities, delivery, innovation, capability analysis, technical management, and service operation functions as appropriate to the following cyber disciplined fields (specialized in 1 focus or general expertise across multiple mappings): Proactive Threat Hunting (Internal and Cloud), Identity and Access Control, Data Security, Application Security, Information Protection Process and Procedures, and/or Protective Technologies. The ability to continuously improve and mature aspects of NIST mappings for the Protect Team is a vital and core responsibility along with refining or creating valued metrics to report up to leadership. Creative approaches to discovering and advancing protective improvements to the security landscape (both at a small/localized scale and globally) is paramount. Other full-team contributions include aspects of Security Incident Response, Security Operations, Emerging Technologies and Security Planning. Experienced and able to support driving complex technical scenarios often cross-functionally through an international audience to resolution via a methodical, standardized process. Provides cyber guidance to peers and members of GIS and stakeholders alike. There is flexibility in what this role looks like – you will have the opportunity to shape your environment. Works in conjunction with an outsourced partner to extract value and brand protection for H-D. Works across a variety of critical business verticals including consumer, dealer, corporate and industry lines such as manufacturing, financial services, general merchandise, etc. This is a strategic as well as a hands-on role.

While this role reports into our Milwaukee, WI corporate office, we are open to this individual working from any H-D Office location or remotely/WFH.

Job Responsibilities
• Accountable for maintaining a secure enterprise environment across the HDI technical ecosystem to protect the H-D brand
• Manage Outcome based delivery model via outsourced partner leveraging technical leadership to pre-defined desired service operations outcomes
• Demonstrated understanding of cyber security structures, theories, principles, designs, and best practices
• Knowledge of the best available tools, software, threat hunting techniques, tuning of security events, applications and systems for maintaining best-in-class security environment status
• Demonstrated expertise with security and information system life cycle methodologies, including remediation of cyber security audit risk mitigation activities.
• Ability to communicate clearly, diplomatically and effectively at all levels of the organization and to audiences with varying degrees of process and technical knowledge
• Assist, refine and mature security processes, reporting, and threat hunting
• Ability to effectively prioritize and execute tasks in a high-pressure environment and multi-task | Experience working in a team-oriented, matrixed, collaborative environment while using analytical and problem-solving abilities.

Education Requirements

Bachelor’s Degree Preferred

Education Specifications

• Bachelor Degree in computer science, MIS, Information Systems or Services, or equivalent
• Certified Information Systems Security Professional (CISSP) (within 12 months of employment)

Experience Requirements

Required
• 8 years active cyber security domain experience
• Hands-on experience architecting, designing and tuning common cyber security tools, enterprise and open source across industry (IE. SIEM, Cloud Access Security, Identity Protection, Vulnerability Management, O365 and Azure AD security tooling, Advanced Malware, WAF, IPS, API/Integrations, Application Whitelisting, Incident Response workflow, etc.)
• Ability to communicate, verbally and written to all levels of technical and professionals alike
• Demonstrated Advanced Troubleshooting and Analysis
• High Degree of technical expertise across all platforms, infrastructure, applications, storage, backup, etc.

Preferred
• SME across multiple cyber security domains to support a matrixed team environment

We offer an inclusive compensation package for all full-time salaried employees including, but not limited to, annual bonus programs, health insurance benefits, a 401k program, onsite fitness centers and employee stores, employee discounts on products and accessories, and more. We believe that employees do their best work when they are free to be themselves. This means our dress code is relaxed, and all types of work styles are welcomed.

Applicants must be currently authorized to work in the United States.

Direct Reports: No
Travel Required: 0 – 10%
Visa Sponsorship: This position is not eligible for visa sponsorship
Relocation: This position is eligible for domestic relocation assistance (within posted country)