Dir Cyber Security

Security Strategy Development:  identify and asses risks to the organization's information systems. This includes understanding potential threats and vulnerabilities and determining the impact they could have on the organization. 

Policy Development: lead the development of the ISP (Information Security Policy), ensuring that it aligns with the organization's overall security strategy and objectives. develop incident response plans. This involves collaborating with various stakeholders to gather input and ensure that the policy addresses all relevant security concerns 

Implementation and Enforcement: Once the ISP is developed,  oversee its implementation across the organization. This includes ensuring that all employees are aware of and adhere to the policy, as well as monitoring compliance and enforcing the policy as needed 

Supervision of Security Teams : lead / coach IT security teams (COE). Provide necessary training and professional development of team members. 

Compliance & Regulation : ensure that the organization's cybersecurity framework complies with local regulations such as NIS2 and other relevant standards (CMMC). Coordinate with cyberinsurance providers. This includes demonstrating the organization's cybersecurity posture, providing necessary documentation, and ensuring that the organization meets the insurer's requirements for coverage. 

Certification Processes: The Cyber Security Director oversees the process of obtaining cybersecurity certifications such as SOC2, Cyber Essentials, and others. This involves preparing the necessary documentation, coordinating audits, and ensuring that the organization meets the certification criteria. 

Incident Management : Coordinate security incident response and investigations. Analyze incidents to identify root causes and implement corrective actions. 

Awareness and Training : Develop security awareness programs for all employees. Offer regular training sessions on security best practices. 

Interdepartmental collaboration : When required; work closely with other departments to embed security into all aspects of the business. Participate in executive meetings to provide updates on the security status. 

Monitoring and Analysis : define monitoring tools, KPI and processes to detect suspicious activity and vulnerabilities. 

Innovation and Continuous Improvement : Stay up to date with the latest cybersecurity trends and technologies. Propose improvements and innovations to strengthen company's security posture. Conduct regular security risk assessments and security audits. Implement threat prevention and detection measures. 

Cybersecurity Project Management : Plan and lead cybersecurity projects. Manage resources, budgets, and timelines. Collaborate with stakeholders to define project objectives and requirements. 

Required Skills/Abilities:  

Proven work experience in risk management and information security 

In-depth knowledge of cybersecurity principles, industry standards, frameworks, projects and best practices 

CISSP Certification required 

Strong analytical, listening, interpersonal and communication skills. 

Excellent project management and leadership skills 

Ability to communicate complex technical information to a range of audiences 

Strong problem-solving and analytical skills to identify and mitigate security risks 

Experience working with international teams 

US Citizenship is mandatory 

Preferred Education and Experience 

Bachelor’s Degree 

8-10 years of experience in Computer science and information technology 

Travel Required: (Percentage 0-100) ​Domestic​ ​10%​ 

The Manitowoc Company, Inc. is an Equal Opportunity Employer – Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. 

The Manitowoc Company, Inc. was founded in 1902 and has over a 120-year tradition of providing high-quality, customer-focused products and support services to its markets. Manitowoc is one of the world's leading providers of engineered lifting solutions. Manitowoc, through its wholly-owned subsidiaries, designs, manufactures, markets, and supports comprehensive product lines of mobile hydraulic cranes, tower cranes, lattice-boom crawler cranes and boom trucks under the Grove, Manitowoc, National Crane, Potain and Shuttlelift brand names.

EOE / DISABLED / VETERAN