Director, IT Security
Enpro Inc. · Charlotte, NC · 3 wk ago
Information TechnologyFull-time
Responsibilities
- Develop and sustain high-performing teams through direct and indirect leadership.
- Drive and execute security projects proactively, demonstrating a self-driven approach to project execution.
- Lead the Enpro Information Security Team in the enhancement of incident response processes, strategic planning, and driving a culture of cybersecurity across the business.
- Support risk management initiatives by working closely with stakeholders across business functions to assess needs and apply risk management treatments accordingly.
- Act as a technical authority to provide security architecture guidance to teams across the business.
- Support and mature Enpro's Security Operations program by optimizing the combination of technologies required to improve monitoring, prevention, detection, mitigation, and automation capabilities.
- Mature Enpro’s Governance Risk & Compliance (GRC) and Identity & Access Management (IAM) capabilities and processes.
- Manage and support regulatory compliance programs by guiding compliance initiatives, driving cybersecurity business certifications, advising stakeholders, and staying abreast of emerging trends and changes to regulations.
- Lead team in responding promptly to security incidents and provide thorough post-event analysis.
- Mature risk and vulnerability management programs by driving security and risk assessments, vulnerability analysis, and prioritizing remediation efforts.
- Strengthen OT security program by leading the continuous improvement efforts for Enpro's OT security strategy.
- Provide technical leadership and oversight to organizational technology and security projects.
- Drive agile approach in managing security team workload and projects.
- Manage and mentor the Information Security Team focusing on vertical and horizontal development.
- Research topics in cybersecurity to stay ahead of the learning curve including emerging trends, technologies, threats, and vulnerabilities to always stay current with emerging threats and risks.
Qualifications
- 10+ years of experience in information security supporting risk management initiatives across security pillars including operations, GRC, IAM, awareness, and architecture.
- 5+ years of management experience leading information security programs including security operations, engineering, and architecture.
- 2+ years of experience supporting data privacy programs globally.
- Experience leading organizations through the ISO 27001, SOC, or similar certification processes.
- Experience securing OT environments.
- Experience building and maturing IAM programs.
- Possess a learning mindset; proactively staying current with new technologies, risks, and trends.
- Extensive experience leading teams in support of securing client and server operating systems (Windows/Linux).
- Deep experience securing and monitoring multi-cloud environments; AWS / Entra.
- Expert working knowledge of current IT risks coupled with experience implementing effective and appropriate risk management treatments.
- Ability to interact with people at all levels of the business with excellent written and communication skills; experience with public speaking / reporting a plus.
- Experience working in a security operations environment performing security monitoring and incident response activities.
- Advanced understanding of core IT protocols and security architecture fundamentals.