Senior IT Security Manager

Job Summary: This position is part of the Central IT Department / Information Security team.  It includes leadership and management of the teams responsible for monitoring the internal and external threat environment and for investigating and responding to events; information security engineers implementing and manaing security solutions and working to proactively discern opportunities to buttress the security of our systems and data.  Work closely with other teams to refine our understanding of threats, assess risk and provide recommendations for improving our security posture.  Test, implement, and improve incident response, vulnerability management, disaster recovery plans, and information security plans and related processes.  Manage Information Security related projects and implementation of security tools.  Be an integral part in the continuing growth the Information Security team and program at Constellium.

Responsibilities

• Participate in the development and implementation of business/organization wide security standards, processes, procedures, and guidelines.
• Approach requirements gathering and solution implementation as an Enterprise Architect would; understand the business needs, processes and technologies needed to achieve the business’s strategic objectives.
• Work closely with internal teams and other business units to remediate events, assess risk and provide recommendations to improve our security posture.
• Coordinate security testing/audits/assessments of information solutions, as well as participate in audits.
• Manage forensic investigations, incident responses, and implement information security frameworks, specifically NIST, and ISO.
• Support and foster a security-by-design culture.
• Participate in and/or organize Information Security exercises such as tabletops to improve detection and response capabilities.
• Serve as security subject-matter expert for the IT Teams, Business Units, and other Security Professionals.
• Oversee global IT initiatives that aim to improve information security.
• Participate with the team in various security awareness activities such as communication and training campaigns.
• Engage in a variety of activities to continuously improve the security measures and processes.
• Promote a safe working environment by being always safety conscious.
• Other duties as assigned.

Qualifications

• BS degree in Engineering or Computer Science, or equivalent degree
• Information Security industry certifications such as CISSP, CISM, or equivalent.
• 10 years of experience in the Information Security preferably supporting larger manufacturing companies and in a matrix organization.
• Experience with working in globally distributed teams and work on projects or initiatives.
• Multiple years of in-depth experiences with one of multiple of the following ISO 27001/2, NIST 800-171, SOX.
• Experience in managing projects as a project manager and/or coach.
• Leadership experience in a global/international and distributed environment.
• Experience with convincing colleagues from other teams, functions, or business units, to understand and follow security requirements and remediate deviations thereof.
• Ability to work with and supervise external vendors.
• Self-starter with ability to work autonomously and with discipline.
• Comfortable with working in an international environment.
• Willingness to work hard in a fast changing and very demanding environment.
• Interest in continuous improvement activities and methods such as Lean, Scrum.

About Constellium
Constellium is a global leader of advanced aluminum products and solutions for a range of applications, leading to 2022 sales over €8 billion. Constellium headquarters are in Baltimore (US), Paris (France) and Zurich (Switzerland) and operates across 25 manufacturing sites in North America and West Europe (13,000 employees).
 

Constellium is an Equal Opportunity Employer: Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.