Sr Manager Global Information Security and Compliance-US

Location: Latrobe, PA, US

REQ ID: 36750

With over 80 years as an industrial technology leader, Kennametal Inc. delivers productivity to customers through materials science, tooling and wear-resistant solutions. Customers across aerospace, earthworks, energy, general engineering and transportation turn to Kennametal to help them manufacture with precision and efficiency. Every day approximately 9,000 employees are helping customers in more than 60 countries stay competitive. Kennametal generated nearly $1.9 billion in revenues in fiscal 2020. Learn more at www.kennametal.com. Follow @Kennametal: Twitter, Instagram, Facebook, LinkedIn and YouTube.

The Senior Manager, IT Security and Compliance, under the direction of the Director, IT Security and Compliance, focuses on the development and execution of the Kennametal security strategy, including security policies and procedures, governance, identity management, OT security, education, and the continuous improvement of Kennametal’s Security program. The role requires the application of subject matter expertise in IT security, and the individual acts as a mentor to technical security teams across the globe. Additionally, the role will engage leaders across the organization in adopting improved security practices and support compliance efforts in an ever-changing security environment. The position requires that the candidate be a US Citizen, but location within the US is flexible.

Leadership

  • Manage and provide technical guidance and leadership to multiple teams of security professionals aligned to the Kennametal security strategy
  • Extend the reach of the Director of Global IT Security and Compliance in influencing the adoption of security improvements across Kennametal, and advocate for cybersecurity improvements with business leaders and project owners
  • Provide rapid technical security decisions for stakeholders
  • Continuously improve Kennametal’s Operations Technology Security practices
  • Influence, drive momentum, and promote operational excellence and security maturity

Risk Management

  • Reduce risk to Kennametal through the development and adoption of structured risk management practices

Build Situational Awareness

  • Support the design, implementation, and ongoing management of the Kennametal SOC
  • Implement and monitor Key Performance Indicators and measurements to evaluate the state of the security program
  • Continuously identify indicators of operational security weaknesses and take appropriate improvement actions
  • Support analysis and management reporting for enterprise security improvements
  • Support the Kennametal Managed Security Service Provider relationships
  • Support high-impact incident management and act as an escalation point for security incidents

Threat Management

  • Assist in the design, implementation, and management of a cyber threat intelligence program

Identity Management

  • Contribute to the development and implementation of an identity strategy for Kennametal
  • Support improvements in identity and access management, including the adoption of Zero Trust / SASE
  • Improve management of digital identities

Compliance Management

  • Support US Government information security compliance requirements (CUI/NIST 800-171/CMMC)
  • Support Global Data Privacy compliance efforts
  • Support global audit requirements

Security Solutions

  • Encourage adoption of standard security architectures and solutions

Preferred Areas of Education, Certifications, and Skills:

Years of Relevant Work Experience Required: 5-8 Years

  • M.S. in information assurance (or related technical field) with a minimum of 7 years’ experience with enterprise security topics (incident response, IAM, risk, vulnerability management, cyber intelligence, security architecture, insider threat, supply chain risk management, DR/BCP, others)
  • Familiarity with industry standards for cybersecurity (NIST CSF, CMMC, ISO27001, ATT&CK, others)
  • Strong network security knowledge
  • At least 3 years’ experience managing teams of security professionals
  • Exemplary verbal and written communication skills (English business fluent spoken and written)
  • Demonstrated ability to think strategically and perform detailed, complex analysis and data interpretation
  • Ability to work under pressure and deal with ambiguous situations

Ideal, but not required

  • Experience in a global corporation, including German Workers Councils
  • Familiarity with global data privacy regulations and requirements (e.g., GDPR, LGPD, others)
  • Familiarity with Zero Trust and/or SASE concepts, cloud architectures, Operations Technology, and standard cybersecurity frameworks
  • Hands-on experience with OT Security
  • Hands-on experience responding to APT incidents
  • Experience with NIST 800-171
  • Solid understanding of concepts related to PKI
  • Familiarity with ITIL
  • Understanding of security concerns related to software development practices (secure coding, DevSecOps…)
  • Foundational understanding of insider threat
  • Experience with information sharing and analysis center(s) (ISACs)
  • Understanding of cyber intelligence, including threat analysis, LM CKC, etc.

Required Licenses & Certificates:

  • Candidates must be US Citizens
  • General security certification (CISSP, GIAC, CISM)
  • Technical security certifications (various)

As part of our core values, Kennametal is committed to providing an inclusive and welcoming environment for all people. We are an Equal Opportunity employer.

Nearest Major Market: Pittsburgh
Job Segment: Information Technology, IT Manager, Information Security, Social Media, Engineer, Technology, Engineering, Marketing
