Deputy, Global Information Security Officer

Select how often (in days) to receive an alert:

The Deputy, Global Information Security Officer is responsible for leading the security strategy roadmap, consulting with security solution partners and defining company security policies and standards. Will have oversight of global security operations, incident response and both US and international Aerospace and Defence (A&D) security and compliance. The right candidate will have the required presence, confidence, and knowhow to quickly gain trust, credibility, and respect.

They will have a proven record of taking a fact-based approach to the assessment of the current state of operations and the implementation of pragmatic solutions to address business needs. They will extract maximum value from existing technology investments while leveraging industry trends to introduce new and relevant technologies to deliver the necessary protection to the enterprise.

Performs tasks such as, but not limited to, the following:

Drive the overall security strategy for Celestica, aligning security initiatives with business objectives, influencing stakeholders, and securing buy-in for security investments.

Act as a champion for security across the organization, fostering a security-conscious culture and promoting best practices.

Provide leadership to the information security organization.

Take ownership of the incident response program, including developing and testing incident response plans, coordinating response activities, and conducting post-incident reviews to improve future response capabilities.

Leverage data analytics to inform security strategy, identify threats, and measure the effectiveness of security controls. This includes promoting a data-driven security culture within the team.

Drive improvements and efficiencies within the security operating model including identifying areas for optimization, streamlining processes, and championing change.

Drive the development and implementation of security standards and policies. This includes ensuring compliance with relevant regulations and industry frameworks, and staying abreast of emerging security threats and best practices.

Actively scans laws, guidelines, and regulations in all the countries that we operate to ensure that any major exposure on data privacy is addressed or mitigated.

Establish, implement and monitor strategic processes to maintain and improve IT solutions, infrastructure and support services.

Coordinate with external authorities to assure monitoring posture is at a high level of attentiveness.

Accountable for monitoring suspicious network and endpoint activities, and taking corrective actions, as required.

Responsible for managing security partners and other third-party security relationships.

Appraise CIO/CISO of cybersecurity trends and threats.

Responsible for developing and testing threat identification, containment, and recovery plans.

Accountability for cybersecurity awareness, training, and internal phishing campaigns.

Key liaison and collaboration with physical security.

Collaborate on pre-acquisition requirements with stakeholders assuring that security standards are met prior to acquisition.

Facilitate the necessary efforts and resources to ensure that duration of exposure to cyber events is addressed rapidly

Participate on company world-wide teams to share information, help implement global initiatives, leverage IT resources and investments, and develop future state of company architecture.

Build, manage, and mentor a high-performing security team. This includes setting clear goals, providing development opportunities, and fostering a collaborative and innovative work environment.

Responsible for maturing the Information Security function and driving discipline on execution of all security initiatives to ensure they are delivered on-time, on-budget, and with quality.

Advanced knowledge of project management and Full Project Scope Experience

Experience in partnering with the business in promoting cybersecurity initiatives

Demonstrated experience implementing Security strategies and solution designs

Advanced understanding of virtualized cloud computing environments

Performing full security compliance and risk assessments

Advanced knowledge of Information Security Penetration Testing, IT Vulnerability Assessments

Mastery level of understanding in IT Risk Management and IT Governance/Audit Procedures

Advanced understanding of Cybersecurity incident Response Management and advanced experience in incident response activities

Advanced understanding of IT Security Architecture

Advanced knowledge of Security Standards, Regulations, and Best Practices

Extensive knowledge of IT design and deployment, and operations process

Knowledge and understanding of the business unit and how decisions impact customer satisfaction, product quality, on-time delivery and the profitability of the unit

Information security forensics

Knowledge of common information security…