It Cyber And Security Manager

Kingspan Insulated Panels North America, a division of the Kingspan Group plc headquartered in Ireland, is a global and trusted leader in the design, manufacturing, and supply of high-performance sustainable building products and solutions for the construction industry. As the most energy-efficient, cost-effective building envelope solutions, insulated metal panels are at the forefront of sustainability. We serve the architectural, commercial/industrial, cold storage and food processing markets, and are committed to delivering the most advanced building products on the market.

Learn about our Planet Passionate initiatives: https://www.youtube.com/watch?v=EEeIS55WMOk

At Kingspan, our future success is based on the quality of our people, who's expertise and motivation have helped ensure that we remain at the forefront of the construction materials manufacturing industry. In joining Kingspan you become an important part of a growing organization with a reputation for innovative design and use of technology, technical expertise, product quality, service excellence, and dedication to sustainability.

Ready to be part of our team?   

We are looking for an IT Cyber & Security Manager in our Caledon, Ontario, Canada office.

(This is a full-time in-office position (not remote). Travel within Canada and US required.)

Summary: The Manager of IT Cyber Security will collaborate with senior management, executives, business partners, and third-party vendors to help develop enhance and implement the Kingspan Cyber Security Strategy. This role is crucial in ensuring that all systems within the Kingspan Americas Division comply with the Group Cyber Security requirements. The Manager will have a significant role in making sure both IT and OT networks adhere to cybersecurity standards and best practices.

The main areas of responsibility for this position are:

1. Cybersecurity: Implementing and managing cybersecurity measures to protect the organization's systems and data.
2. Governance: Ensuring compliance with policies, controls, and procedures.
3. Architecture: Designing and overseeing the security architecture to align with business strategies.

Essential Duties:

Cybersecurity:

• In collaboration with other Kingspan global teams, maintain the Divisional Cyber Security Incident Response Plan.
• Lead and conduct recurring tabletop reviews of the Divisional Cyber Security Incident Response Plan.
• Lead the activities of threat response and vulnerability management, identify risk plans, and recommend remediation plans.
• Lead the information security function across the Division to ensure consistent and high-quality information security knowledge and management to support the business goals.
• Create and manage a targeted information security awareness program for all employees, contractors, and approved system users, and establish metrics to measure the effectiveness of this security training program for the different audiences.
• Partner closely with business and executive leadership to ensure that all applications and platforms are developed with security in mind and that appropriate security controls have been implemented while driving continuous investment into the Cyber security areas.
• Be the primary key individual for all cyber incidents and escalations. 

Governance/IT Controls:

• Develop a divisional information security vision and strategy aligned to Kingspan Group organizational priorities, enabling, and facilitating the organization's business objectives and ensuring senior stakeholder buy-in.
• Ensure Divisional Security is managed to and compliant with established policies, controls, and procedures.
• Lead Divisional IT Security Governance & Compliance, aiming to maintain a state of "permanent audit readiness" in alignment with Group IT Controls
• Provide regular reporting on the status of the information security program to senior business leaders and Divisional Leadership as part of a strategic enterprise risk management program.
• Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the Security and Data Governance Programs, and increase the maturity of the information security, and review it with stakeholders at the executive and board levels.
• Work with vendors and suppliers to ensure that information security requirements are met.

Architecture:

• Ensure alignment of security architecture with overall business strategy.
• Work with engineering teams in architectural design and review

Travel Requirements:

• Able to travel (up to 25%) across USA, Canada, and internationally to visit operations and offices,

Additional Compliance Responsibilities:

• Follow the Group Code of Conduct and Group Compliance.
• Group Compliance Manual:
• 2.4 All personnel

Experience: 

The IT Cyber & Security Manager should have:

• Previous experience with designing IT Security architecture, including technologies like
• EDR, vulnerability Scanning and detection, pen testing, IAM, Cloud security, network security, OT security.
• Experience with Data Governance, including Data Classification, Data Discovery, Data Security, Data Retention, and Data Loss Prevention (DLP).
• A technical background with a strong understanding of cloud and network security architecture.
• Excellent analytical skills to analyze security requirements on a divisional scale and relate them to appropriate security controls.
• Experience developing people and cyber security teams.
• 10 years IT experience with at least five of those years working in an IT Security role in a technical senior, supervisory, or managerial capacity.
• Experience with information security management frameworks such as:
• National Institute of Standards and Technology (NIST)
• International Standards Organization (ISO) 27001/2
• SOC2 and other leading-edge frameworks.
• Experience in performing risk, vulnerability, business impact assessments, and in defining remediation strategies.
• Experience developing and implementing policies, procedures, and guidelines.
• Solid understanding of project management principles.
• Ability to translate understanding of the organization’s goals and objectives into technology requirements.
• Preferred: 
• Proficiency in Spanish, French or Portuguese
• ITIL proficiency / expertise.
• Experience working in manufacturing, or similar industry

Physical Demands:  

• The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform essential functions. 
• Exert up to 20 lbs. of force occasionally, and/or up to 10 lbs. of force frequently, and/or a negligible amount of force constantly to lift, carry, push, pull, or otherwise move objects, including the human body. Involves sitting most of the time but may involve walking or standing for brief periods. 
• Specific vision abilities required by this job include close vision, distance vision, peripheral vision, depth perception, and the ability to adjust focus. 

Kingspan is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to any factor, including veteran status and disability status, protected by applicable federal, state or local laws.