Director, Cyber Security

Reporting to the CIO with a dotted line to VP of Infrastructure, this critical impactful security leadership position will strategically and tactically lead the overall benchmarking, execution, and validation of all Information Security functions for Rexnord. This hands-on position requires a flexible, well-rounded individual, who is as comfortable with setting the global IT Security strategy as they are with performing the work to help implement the strategy. Rexnord is seeking a strong leader with the ability to own and advance an industry leading Cyber Security program. This is a unique opportunity to build on a solid foundation, design and implement your vision of an industry leading security program, and build a high performing security organization with the opportunity to grow the career of you and your team.
Responsibilities
Ownership and oversight for the implementation and operation of Rexnord cybersecurity programs and information security tools, technologies, solutions, and methodologies.
Benchmarking and research of industry leading security practices and tools, validating the Rexnord environment is protected with current required leading security solutions and services.
Develop, implement, and validate Rexnord security strategies, security awareness programs, security architecture, and security incident response.
Lead and drive security efforts, including but not limited to access control, monitoring configuration, security patch testing, configuration management and incident response
Educate IT and company leaders on appropriate security risk and mitigation strategies, using a risk-based framework to priorities actions and focus.
Hire, train, coach, mentor cyber security personnel, including the coordination and integration of partner solutions and services.
Responsible for the Security Operations Center to ensure security tools are effectively utilized and operating, identify gaps in process or procedure and implement new solutions accordingly.
Provide metrics and measures of validated security effectivity across both actionable continuous improvement IT forums and governance and change management business forums
Develop and maintain appropriate response playbooks, facilitate routine exercises, and ensure a sound communication process for all cyber events
Develop and oversee effective disaster recovery policies and standards to align with company business continuity management program goals. Coordinates development of implementation plans and procedures to ensure business critical services are recovered in the event of disasters or other incidents, and provides direction, support, and in-house consulting in these areas.
Ensure that sensitive data is protected from unauthorized Organizationification, destruction, and disclosure.
Leadership Competencies
Drives Results - Consistently achieving results, even under tough cOrganizationumstances.
Strategic Mindset - Seeing ahead to future possibilities and translating them into breakthrough strategies.
Builds Effective Teams - Building strong-identity teams that apply their diverse skills and perspectives to achieve common goals.
Cultivates innovation - Creating new and better ways for the organization to be successful.
Qualifications
Experience and Skill Required
Four-year degree in Information Security, IT Engineering, or Computer Science and/or relevant work experience
10+ years of progressive experience leading complex global cybersecurity programs, with 5+ years of demonstrated security program leadership
CISSP, SANS, GIAC, CISM, CISA are preferred
Demonstrated experience designing, architecting, and implementing Cyber Security programs and technology platforms in each of the following areas
Policy and compliance
Identity, device, applications, infrastructure, network, and data controls
Vulnerability management/vulnerability response
Cyber response/incident response management
Vendor risk management
Business continuity management
Advanced knowledge of Windows client/server and internetworking security concepts, best practices, and procedures
Hands on technical experience is essential (firewall, Microsoft technologies), with exposure and experience to advance security technology solutions
Experience in Intrusion Protection Systems (IPS)/Intrusion Detection Systems (IDS) technologies
Experience in IaaS/SaaS environments
Broad understanding of all aspects of IT and enterprise systems interoperability
Experience with Data Classification, Data Privacy (GDPR, CCPA) and Regulatory Compliance (ITAR, EAR)
Ability to communicate technical topics (verbal and written) to multiple organizational levels