Senior Manager, Information Security

At Universal Display Corporation (Nasdaq: OLED) (UDC), we’re changing the way people see the world.

If you’re reading this on a smartphone, there’s a good chance UDC’s materials are producing the light and color shining from your screen right now. UDC’s OLED ingredients are key parts of stunning, energy-efficient displays used in everything from smartwatches to phones, tablets, laptops, monitors, TVs and automobiles. Virtually every OLED consumer electronics product around the world uses UDC’s phosphorescent OLED materials and technologies.

UDC is a publicly traded company and pioneer in the OLED industry. When you join our global team, you are embarking on a journey at the forefront of display technology and organic electronics that impacts the daily lives of people around the world. From engineers to chemists, Ph.D. scientists, technicians, lawyers and more, our UDC team is continuously advancing our field. With a focus on energy efficiency, UDC’s team is contributing to making a better, more sustainable planet. Please visit us at www.oled.com.

Job Summary

The Senior Manager of Information Security is responsible for establishing and maintaining Universal Display Corporation’s information security management program to ensure that information assets are adequately protected. This position is responsible for identifying, evaluating, and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise.  This role proactively works with business and functional teams to implement practices that meet defined policies and standards for information security. He or she will also oversee a variety of IT-related risk management activities.
The Senior Manager of Information Security serves as the process owner of all assurance activities related to the availability, integrity and confidentiality of customer, business partner, employee and business information, and intellectual property, in compliance with the organization's information security policies. This leader will work with executive management to determine acceptable levels of risk for the organization.
This role will balance hands-on technical expertise with strategic leadership to protect Universal Display Corporation’s systems, data, and operations. This role requires a proven record in implementing robust security measures, managing security operations, and driving strategic initiatives to align with organizational goals.


Key Responsibilities

1. Strategic Security Management:

• Represent, communicate and develop information security and risk management strategies and plans with the executive team, senior management and the board of directors.
• Perform a strategic assessment of current cyber capability, process and readiness and use the output to develop and execute a comprehensive IT risk management strategy, program and security roadmap.
• Develop a cyber scorecard using an established security framework (e.g., NIST, ISO, CIS) to monitor operational and strategic performance, perform trend analysis and continuous process improvement, and communicate cyber security positioning with executive management and board of directors.
• Provide regular reports to leadership on the status of the security program and emerging threats.
• Act as a cybersecurity architect, offering strategic risk guidance for IT projects and technologies, including evaluating and recommending solutions and technical controls.
• Ensure compliance with standards and regulations (e.g., ISO 27001, NIST, GDPR, CCPA).

2. Security Operations & Incident Management:

• Select, oversee, and monitor security tools (e.g., firewalls, IDS/IPS, SIEM, and endpoint protection).
• Identify and address security gaps, vulnerabilities, weaknesses, irregularities, and issues in real time.
• Detect, investigate, and manage response to security incidents, conduct root cause analysis, and implement mitigation measures.
• Perform regular vulnerability assessments, penetration testing, and risk analysis.
• Work with cross functional teams to develop, test, and maintain disaster recovery and business continuity plans.

3. Infrastructure Protection & Program Development:

• Collaborate with internal teams to design, implement, and maintain security technologies for networks, servers, applications, and data.
• Ensure encryption, authentication, and access control measures are properly configured.
• Collaborate with the IT team to secure cloud environments and on-premises infrastructure.
• Oversee customer and vendor assurance risk assessments.

4. Policy, Training, and Compliance:

• In collaboration with IT and business leadership establish, implement, and/or update security policies, standards, and guidelines (e.g., acceptable use policies, regional travel policies, generative AI policies, etc.)
• Lead organizational security awareness programs and employee training.
• Facilitate metrics and reporting frameworks to measure security program effectiveness and maturity.
• Lead IT preparations, responses, and remediation for all audit activity (including SOX), and ensure compliance with relevant laws and policies.

5. Leadership & Collaboration:

• Lead engagement with all security-related third-party service providers.
• Collaborate with cross-functional teams and executive business leadership to integrate security practices into business operations. 
• Function as a key advisor for security risks and ensure alignment of security strategies with organizational objectives.

Required Qualifications

Education and Experience:

• Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).
• Minimum of 10 years in information security, with at least 2 years in a leadership role.

Certifications:

• CISSP, CISM, CEH, GIAC, or similar certifications preferred.

Technical Expertise:

• Familiarity with NIST CSF, CIS standards, controls and benchmarks and implementation of endpoint hardening leveraging CIS best practices preferred.
• Hands-on experience with most or all the following security technologies: SIEM, IDS/IPS, EDR, Vulnerability Scanners, Mail Security Filtering, DNS Filtering, MS Azure and Entra Security, Threat Monitoring and Intelligence Analysis, Network and Cloud Monitoring and Surveillance, and Security Training Platforms
• Proficiency in application and data security principles and practices, network security principles, cloud security (AWS, Azure, GCP), and DevSecOps practices.
• Strong knowledge of security frameworks and data privacy regulations.

Skills and Competencies:

• Strong analytical, problem-solving, and innovative thinking abilities.
• Excellent interpersonal, verbal, and written communication skills, including experience engaging senior executives.
• Demonstrated ability to develop and manage complex security programs and initiatives.
• Experience with international security considerations, particularly conducting business in Asia, is highly preferred.

This role offers the opportunity to lead impactful initiatives, foster a culture of cybersecurity awareness, and ensure the resilience of the organization against emerging threats.