Sr Manager Global Information Security and Compliance

Pittsburgh, PA, US

Kennametal

Kennametal is a leading provider of productivity solutions for metalworking, earth cutting, and wear components, coatings, and powders.

With over 80 years as an industrial technology leader, Kennametal Inc. delivers productivity to customers through materials science, tooling and wear-resistant solutions. Customers across aerospace, earthworks, energy, general engineering and transportation turn to Kennametal to help them manufacture with precision and efficiency. Every day approximately 8,700 employees are helping customers in more than 60 countries stay competitive. Kennametal generated $2 billion in revenues in fiscal 2022. Learn more at www.kennametal.com. Follow @Kennametal: Twitter, Instagram, Facebook, LinkedIn and YouTube.

Location - Remote within the US

 

Job Summary

The Senior Manager, IT Security and Compliance, under the direction of the Director, IT Security and Compliance, focuses on the development and execution of the Kennametal security strategy, including security policies and procedures, governance, identity management, OT security, education, and the continuous improvement of Kennametal’s Security program. The role requires the application of subject matter expertise in IT security, and the individual acts as a mentor to technical security teams across the globe. Additionally, the role will engage leaders across the organization in adopting improved security practices and support compliance efforts in an ever-changing security environment. The position requires that the candidate be a US Citizen, but location within the US is flexible.

 

Key Job Responsibilities

 

Leadership

  • Manage and provide technical guidance and leadership to multiple teams of security professionals aligned to the Kennametal security strategy
  • Extend the reach of the CISO in influencing the adoption of security improvements across Kennametal, and advocate for cybersecurity improvements with business leaders and project owners
  • Provide rapid technical security decisions for stakeholders
  • Continuously improve Kennametal’s Operations Technology Security practices
  • Influence, drive momentum, and promote operational excellence and security maturity
  • Develop and maintain a comprehensive information security and compliance strategy, framework, and roadmap that aligns with the business goals and industry best practices.
  • Establish and enforce information security and compliance policies, standards, and procedures, and monitor compliance with internal and external audits, regulations, and contracts.
  • Oversee the security and compliance of the IT infrastructure, systems, applications, and data, and ensure the implementation of security tools, technologies, and processes.
  • Build and maintain strong relationships with internal and external stakeholders, such as business units, vendors, customers, regulators, and auditors, and communicate security and compliance requirements, expectations, and best practices.

 

Risk Management

  • Reduce risk to Kennametal through the development and adoption of structured risk management practices

 

Build Situational Awareness

  • Implement and monitor Key Performance Indicators and measurements to evaluate the state of the security program
  • Continuously identify indicators of operational security weaknesses and take appropriate improvement actions
  • Support analysis and management reporting for enterprise security improvements
  • Support the Kennametal Managed Security Service Provider relationships
  • Support high-impact incident management and act as an escalation point for security incidents

 

Threat Management

  • Assist in the design, implementation, and management of a cyber threat intelligence program

 

Compliance Management

  • Manage US Government information security compliance requirements (NIST 800-171/CMMC)
  • Support Global Data Privacy compliance efforts
  • Support global audit requirements
  • Encourage adoption of standard security architectures and solutions

 

 

Requirements

  • 7 to 10 years’ experience in roles related to advanced information security
  • M.S. in information assurance (or related technical field) with a minimum of 7 years’ experience with enterprise security topics (incident response, IAM, risk, vulnerability management, cyber intelligence, security architecture, insider threat, supply chain risk management, DR/BCP, others)
  • Familiarity with industry standards for cybersecurity (NIST CSF, CMMC, ISO27001, ATT&CK, others)
  • Experience with NIST 800-171 compliance
  • Strong network security knowledge
  • At least 3 years’ experience managing teams of security professionals.
  • Exemplary verbal and written communication skills (English business fluent spoken and written)
  • Demonstrated ability to think strategically and perform detailed, complex analysis and data interpretation
  • Ability to work under pressure and deal with ambiguous situations

 

Ideal, but not required

  • Experience in a global corporation, including German Workers Councils
  • Familiarity with global data privacy regulations and requirements (e.g., GDPR, Chinese PIPL, others)
  • Familiarity with Zero Trust and/or SASE concepts, cloud architectures, Operations Technology, and standard cybersecurity frameworks
  • Hands-on experience with OT Security
  • Familiarity with ITIL
  • Understanding of security concerns related to software development practices (secure coding, DevSecOps…)
  • Foundational understanding of insider threat
  • Experience with information sharing and analysis center(s) (ISACs)

 

Required Licenses & Certificates

  • Candidates must be US Citizens
  • General security certification (CISSP, GIAC, CISM)
  • Technical security certifications (various)

 Kennametal Inc. is an Equal Employment Opportunity employer. As such, it is the policy of Kennametal Inc. to afford equal employment opportunity without regard to race, color, religion, sex, national origin, age, handicap, disability, marital status, sexual orientation, citizenship status, veteran status, or other protected status, group, or characteristic under federal, state, and/or local law or regulation. It is Kennametal Inc.'s policy to comply with all applicable laws and regulations.


Tags: Audits CISM CISO CISSP Cloud CMMC Compliance DevSecOps GDPR GIAC Governance IAM Incident response Industrial ISO 27001 ITIL IT infrastructure Network security NIST Privacy Risk management SASE Security strategy Strategy Threat intelligence Vulnerability management Zero Trust

Region: North America
Country: United States