IT Security Program Manager
Novi, MI 
Posted 1 day ago
Job Description

Start here, end here. There is a reason why we have so many employees with 20+ years with the company: Pace offers careers. Join us in becoming the premier die casting manufacturer and engineering solutions supplier worldwide.

Location: US

Position Overview
The Information Security Program Senior Manager will be responsible for managing and administering the information security program at Pace Industries ("Pace"). The Information Security Program Senior Manager will maintain and mature policies, procedures and guidelines to ensure information and assets are adequately protected.

The role will also work cross-functionally with the business, with IT, and with supporting business functions to identify, develop, implement, and evolve information security controls and processes.

This role will oversee Pace's incident response.

This role is responsible for protecting our critical information systems and assets, designing and implementing solutions, providing training, and assisting in the development of an overall Information Security strategy.

Principal Duties and Responsibilities

Manage the Information Security Program

  • Manage the information security program, providing governance, risk and compliance and information security processes based on the NIST Cybersecurity Framework
  • Manage the security budget and allocate resources effectively.
  • Develop, maintain and communicate information security policies, standards, procedures, and other documentation
  • Manage independent Information Security Controls Audits & Assessments and Annual Penetration Testing/Risk Prioritizing/Remediation Management
  • Conduct regular review and update of the Information Security Risk Register, including the regular tracking and review of risk assessments and risk treatment plans.
  • Coordinate with Plant and Business Users to understand and assess the risks to the confidentiality, integrity, or availability of data in their areas, and identify potential risk mitigation strategies and controls
  • Stay current and informed of the latest security issues that may pose a threat to Pace's environment
  • Review proposed changes to Pace's Infrastructure and Application architecture to ensure that the changes consider, and are modified to reflect, information security needs
  • Guide incident response activities including standard IR procedure documentation, identifying root cause, threat hunt where warranted, identifying control improvements, assessing impact and reporting
  • Manage Third Party Incident Response Retainer contract and services
  • Lead Incident Response Testing & Readiness exercises, such as table-top exercises
  • Develop key performance indicators (KPIs) and metrics to measure program effectiveness.
  • Identify and lead Continuous Improvement initiatives for the Program

Build and Maintain a Culture of Security

  • Design, develop and deliver an information security training and awareness program and ensure that it is delivered accordingly
  • Provide regular updates on information security, including risks, performance indicators, metrics and threats, to the Vice President of IT, to the Cyber Risk Committee and for the Audit Committee of the Board
  • Mentor, coach and develop Information Security as well as IT Team members on Security topics

Manage the Information Security Architecture and Roadmap

  • Evolve and Manage the Information Security Program Technology Roadmap, Architecture and Standards to simplify, optimize (cost and performance) and improve technology effectiveness against cyber threats to Pace business:
    • The Information Security Technology Architecture Roadmap, Requirements and Standards include Network Security & Segmentation, Zero Trust Architecture, IPS/IDS, IAM, Cloud Security, SIEM, SOC, Email Gateway, Web Gateway, Security Event Logging and Monitoring, Endpoint Security, IT and OT Security, Patch and Vulnerability, Encryption, etc.
  • Evaluate, architect, design, implement, and manage security-focused tools and services including on-prem solutions, cloud-based security solutions and solutions delivered by MSSP partners.
  • Collaborate and partner with internal IT technology leadership and with external 3rd party technology and services providers for technical security roadmap, RACI, implementation and operations

Please note that the duties and requirements described are representative of the responsibilities of the role but not to be construed as an exhaustive statement of responsibilities.

Qualifications

  • Bachelor's degree or equivalent
  • 7+ years of information security experience, including leadership roles
  • Professional information security certifications (CISSP, CISM, CCISO, CISA, CRISC)
  • Experience in risk, compliance and information security policy development
  • Solid knowledge of various information security frameworks, including NIST Cybersecurity Framework, ISO 27001, NIST SP 800-171 and TISAX
  • Demonstrated ability to research, develop, and keep abreast of security tools, techniques, and process improvements in support of threat prevention, detection and analysis following current and emerging threats
  • Knowledge of laws, regulations and commercial compliance requirements including but not limited to: IATF, TISAX, DFARS, ITAR.
  • Manufacturing experience is preferred

Skills

  • Strategic thinking and problem-solving abilities.
  • Strong prioritization skills to evaluate multiple business needs and identify the top needs based on a balanced approach
  • Ability to work with key stakeholders to gain consensus on priorities
  • Excellent organizational and communication skills (both oral and written)
  • Ability to educate a non-technical audience about various security measures
  • Ability to function as a team player and be comfortable leading without authority
  • Ability to influence and drive change.
  • Must be proficient with the use of the Microsoft Office Suite (Outlook, Word, Excel and PowerPoint)
  • Strong leadership and communication skills.

Hours and Travel Requirements

Core business hours

Occasional extended hours may be required during management escalation, critical incidents and platform upgrades.

Occasional travel to Pace Plants may be required.

Pace Industries offers competitive salaries with full benefits, including health/dental/vision/life/disability, PTO, and 401k with employer match.

Pace Industries is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.

Pace is a career destination for engaged, passionate and talented people who are driven to seek the innovation, growth and opportunity that only we offer.


Pace Industries has a strong commitment to the principle of diversity, and in that spirit seeks a broad spectrum of candidates including women, minorities, veterans, and people with disabilities. Individuals with disabilities desiring accommodations in the application process should notify the hiring department by the application deadline.

 

Job Summary
Company
Start Date
As soon as possible
Employment Term and Type
Regular, Full Time
Required Education
Bachelor's Degree
Required Experience
7+ years