Sr Manager Cyber Security

Yamaha has an excellent opportunity for a Sr. Manager, Cyber Security to join our team in Cypress, CA. The Sr. Manager, Cyber Security will be responsible for establishing, managing, and maintaining the overall Information Strategy Division (ISD) Cyber Security Program, Risk Management, and Operations. The position requires a visionary leader with sound knowledge of business management and a working knowledge of cybersecurity technologies. Position requires knowledge of cyber security technologies covering the corporate network and digital ecosystem. Responsible to work with parent company, North American companies, regional business units, senior leadership, and vendor partners to ensure that information assets, data, applications, systems, infrastructure, and processes are adequately protected.  Responsible for identifying, evaluating, and reporting on cyber security risks, threats, and incidents to meet regulatory and compliance requirements, while supporting business functions and advancing business objectives.

What you’ll be doing:

• Manage the cyber security governance structure through the implementation of a hierarchical governance program, including leading the IT risk management/cyber security committee and related activities.
• Establish and manages the cyber security vision and strategy that is aligned to organizational priorities, business objectives, and ensure senior stakeholder buy-in.
• Develop, socialize, maintain, and coordinate approval and implementation of cyber security policies and best practices based on cyber security management frameworks based on ISO, NIST, and COBIT.
• Manage the Cyber Program, Risk Management, and Operations/Incident Response functions across the company to ensure consistent and high-quality cyber security management in support of the business goals.
• Responsible for oversight, planning, prioritization, and execution of cyber security projects and initiatives including managing budgets and project plans.
• Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the cyber security, and review it with stakeholders at the executive and board levels.
• Responsible for staff management including hiring, performance evaluations, and training both employees and managing contractors.
• Responsible to work with vendor management including managing 3rd party risk, bill rate negotiations, service level agreements, issue resolution, standards compliance, and on time execution of project deliverables.
• Provide leadership and ensure adherence to accepted Divisional guidelines for project management, cyber security policy, process, tools, methodologies, IT controls and compliance audit and activities.
• Coordinate the development of implementation of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event; provide direction, support and in-house consulting in these areas.

What you’ll need to be successful:

• MBA preferred
• Certifications preferred include Certified Information Security Professional (CISSP), GIAC Security Essentials (GSEC), or Certified Ethical Hacker (CEH).
• 10-15 years of demonstrated experience and success in leadership roles in risk management, cyber security, information security, and IT security.

• Sound knowledge of business management and a working knowledge of information security risk management and cybersecurity technologies.
• Up-to-date knowledge of methodologies and trends in both business and IT.
• Experience in developing and implementing technologies, products, and operational processes.
• Experience with contract and vendor negotiations.

Knowledge, Skills, and Abilities:

• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists.
• An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business.
• Technical expertise across a variety of security products including firewall, proxies, VPN, endpoint vulnerability, compliance, and SIEM tools.
• Expertise in network knowledge, to include network and wireless security.
• Strong knowledge of Cloud Security for popular Cloud Service providers (AWS, Azure, GCP). Practical experience with Cloud Security Architectures.
• Knowledge of SANS Top 20 Security Controls, OWASP Top 10, NIST Cybersecurity Framework, and ISO 27001/27002.
• Proven ability to collaborate with infrastructure, application, and business groups/departments.

Decision-Making Responsibility: 

• Responsible to make decisions for cybersecurity program, risk management, strategy, operations and metrics.
• Responsible to lead, manage, and collaborate with team members to deliver cybersecurity risk management.
• Responsible to make daily decisions around cybersecurity risks and issues to resolve.
• Responsible to make daily decisions to support risk management processes and/or project objectives.
• Responsible to make daily decisions to support investigate cybersecurity issues or incidents and determine if they are a false positive, minor, or major.
• Responsible to make decisions to guide 3rd party solution or activities.
• Responsible to make decisions to enable compliance to cybersecurity controls, process, and procedures.
• Responsible to make decisions to escalate cybersecurity program issues to senior management and executives.

Don’t meet every single requirement? Studies have shown that women and underrepresented minorities are less likely to apply to jobs unless they meet every single qualification. At Yamaha, we understand that talent comes in various forms, as such we are dedicated to building a diverse, inclusive, and authentic workplace.  If you’re excited about this role but your experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles!

What’s in it for you:

• 401(k) and Profit Sharing
• Fertility Benefits
• 37.5-hour workweek
• Medical, Dental, Vision
• Life and AD&D Insurance
• Wellness Program
• Short-Term Disability Coverage (for hourly roles)
• Long-Term Disability
• Student Debt Repayment Benefits
• Ability to borrow Yamaha product

Pay:

$133,000 to $286,000

Yamaha intends to offer the selected candidate base pay dependent on job-related experience. Base pay is part of Yamaha’s Total Reward program, our Talent Acquisition Team will share more details as candidates progress.

Reports to: Department Manager 

Yamaha Motor Corporation, USA is proud to be an equal opportunity employer.  All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identify, national origin, veteran or disability or any other status protected by federal, state, or local law.  We celebrate diversity and are committed to creating an inclusive environment for all employees.