Information Security Director
Company: Ball Aerospace
Location: Westminster
Posted on: February 25, 2021
|
|
Job Description:
Powered by endlessly curious people with an unwavering mission
focus, Ball Aerospace pioneers discoveries that enable our
customers to perform beyond expectation and protect what matters
most. We create innovative space solutions, enable more accurate
weather forecasts, drive insightful observations of our planet,
deliver actionable data and intelligence, and ensure those who
defend our freedom go forward bravely and return home safely. For
more information, visit--Ball Aerospace Career Site --or connect
with us on LinkedIn , Facebook , Twitter --or Instagram . The
Security and Mission Assurance Strategic Support Unit provides
discriminating support to the business to ensure success. We focus
on threat identification, risk assessment, and mitigation while
improving the efficiency of the business through effective
governance and analysis of process, data and overall business
knowledge. Information Security Director The Information Security
Director shall lead a group of highly skilled, multidisciplinary
team of security professionals responsible for the execution of
various enterprise-wide security functions, information security,
and National Industrial Security Program compliance. The individual
will also work closely with and report to the Chief Information
Security Officer (CISO) within Security & Mission Assurance.
Individual will provide both tactical and strategic guidance on
security practices across various enterprise manufacturing and
business support systems. The successful candidate will work across
the business to determine acceptable levels of information security
risk for the organization. The candidate must be highly
knowledgeable of the business and external threat environment and
be able to build a picture of how both the business drivers and
external threats impact a specific risk profile. They will also
work with the CISO to establish a program to identify, evaluate and
report on enterprise security risks in a manner that meets
compliance, regulatory requirements. This position is at a Senior
level and requires a visionary leader with sound knowledge of
business management and a detailed knowledge of security
technologies and threats inherent within the Defense Industrial
Base. The successful candidate will proactively work with business
units and functional groups to implement the enterprise risk
management strategy. The ideal candidate is an articulate and
persuasive thought leader who builds consensus and can serve as an
effective member of the Security & Mission Assurance leadership
team. The candidate must maintain objectivity with a strong
understanding that security is one of many business activities and
should enable the business and provide it a competitive advantage.
Ultimately, the mission of the IS Director is to add business value
and create competitive advantage for the business through effective
and efficient risk management strategies. What you'll do:
---Work in concert with the Information Security team to ensure
enterprise-wide compliance with the National Industrial Security
Program Operating Manual (NISPOM) and ensure audit readiness for
DCSA vulnerability assessments.
---Develop and monitor processes and procedures to protect
information at rest (includes all information storage objects,
containers, and types that exist statically on physical media,
whether magnetic or optical disk) and in transit (when data is
being transferred between components, locations, or programs) to
include management of USG cryptographic equipment.
---Aid in the development of a company-wide Security Awareness,
Training, and Education program to protect company proprietary and
customer owned information.
---Support the CISO in the development, implementation and
monitoring of a strategic, comprehensive enterprise information
security and information technology (IT) risk management program to
ensure the integrity, confidentiality and availability of
information is owned, controlled or processed by the
organization.
---Build, develop and manage effective cyber threat and policy
governance security organizations, consisting of direct reports and
indirect reports. This includes hiring, training, staff
development, performance management and conducting annual
performance reviews.
---Facilitate information security governance through guidance &
participation in an information security steering committee.
---Develop, maintain and publish up-to-date information security
policies, standards and guidelines. Oversee the approval, training,
and dissemination of security policies and practices.
---Develop and manage information security budgets.
---Create and manage information security and risk management
awareness training programs for applicable employees and
contractors.
---Work directly with the business units to facilitate IT risk
assessment and risk management processes. Work with stakeholders
throughout the enterprise on identifying acceptable levels of
residual risk.
---Create a framework for roles and responsibilities regarding
information ownership, classification, accountability and
protection.
---Develop and enhance an information security management framework
based on, but not limited to: The International Organization for
Standardization (ISO) 2700X, ITIL, COBIT/Risk IT and National
Institute of Standards and Technology (NIST 800-53, 800-171).
---Provide strategic risk guidance for IT projects, including the
evaluation and recommendation of technical controls.
---Ensure security programs are compliant with relevant contracts,
laws, regulations and policies to minimize or eliminate risk and
audit findings.
---Aid in defining and facilitating the information security risk
assessment process, including the reporting and oversight of
treatment efforts to address negative findings.
---Manage security incidents and events to protect IT assets,
including intellectual property, regulated data and the company's
reputation.
---Monitor the external threat environment for emerging threats and
advise relevant stakeholders on the appropriate courses of action.
Report on any data exfiltration within program guidelines.
---Conduct risk assessments for Ball Aerospace-wide processes and
make major system risk decisions.
---Responsible for selecting solutions to enhance security controls
to include security policies and procedures consistent with State,
Federal, and contractual obligations.
---Facilitate a metrics and reporting framework to measure the
efficiency and effectiveness of the program, facilitate appropriate
resource allocation and increase the maturity of the security.
---Understand and interact with related disciplines through
committees ensuring consistent application of policies and
standards across all technology projects, systems and services,
including (but not limited to) privacy, risk management, compliance
and business continuity management.
---Maintain a regular and predictable work schedule.
---Establish and maintain effective working relationships within
the department, the Strategic Business Units, Strategic Support
Units and the Company. Interact appropriately with others in order
to maintain a positive and productive work environment.
---Perform other duties as necessary. What you'll need:
---BS/BA degree in a related field plus 15 or more years of related
experience.
---Each higher-level degree, i.e., Master's Degree or Ph.D., may
substitute for two years of experience. Related technical
experience may be considered in lieu of education. Degree must be
from a university, college, or school which is accredited by an
agency recognized by the US Secretary of Education, US Department
of Education.
---Master's degree is highly preferred. Other security-related
certifications are highly desirable. (e.g. CISSP, CISM, CISA,
etc.)
---Minimum of five years serving in senior leadership roles, and
minimum of 10 years of experience in a combination of risk.
management, information security and/or IT Security related
roles.
---Proven track record and experience in developing information
security policies and procedures, as well as successfully executing
programs that meet the objectives in a dynamic environment.
---Proven track record of partnering directly with executive
leadership and aligning security initiatives with IT and Business
strategy/objectives.
---Knowledge of common information security management frameworks,
such as NIST 800-171, CIS Top 20, ISO/IEC 27001, and ITIL.
---Excellent written and verbal communication skills, interpersonal
and collaborative skills.
---Ability to effectively and clearly communicate security and
risk-related concepts to technical and nontechnical audiences.
---Must be a critical thinker, with strong problem-solving skills,
project management skills: financial/budget management, scheduling
and resource management.
---A strong solution orientation with a penchant for not only
identifying problems but also finding ways of solving them within
typical business constraints.
---Ability to lead and motivate cross-functional, interdisciplinary
teams to achieve strategic goals.
---Ability to professionally handle confidential matters and show
an appropriate level of judgment and maturity.
---High degree of initiative and ability to work with little
supervision.
---Department of Defense and/or Defense and Aerospace industry
experience preferred.
---Top Secret Security clearance is highly desirable, with the
ability to acquire and maintain this level of clearance. Working
Conditions:
---Work is expected to be performed in an office environment,
laboratory, clean room, or production floor.
---Must be able to work efficiently & effectively in a remote
environment when necessary
---Travel and local commute between Ball campuses and other
possible non-Ball locations may be required.-- Future Clearance
Required: A current DoD clearance and/or SCI access with Polygraph
is not required to be eligible for this position, however applicant
must be willing and eligible for submission within 60-90 days after
an offer is accepted and must be able to maintain the applicable
clearance/access. By applying to this position, you are agreeing to
complete a National Security Clearance Pre-Screen Questionnaire to
evaluate your general ability to obtain the required security
clearance or government customer access associated with this
position. Relocation for this position is available US
CITIZENSHIP--IS REQUIRED Ball Aerospace is an Equal
Opportunity/Affirmative Action Employer. All qualified applicants
will receive consideration for employment without regard to race,
color, religion, sex, pregnancy, sexual orientation, gender
identity, national origin, age, protected veteran status, or
disability status.
Keywords: Ball Aerospace, Denver , Information Security Director, Executive , Westminster, Colorado
Click
here to apply!
|
Didn't find what you're looking for? Search again!
Other Executive JobsCustomer Success Manager Description: Company DescriptionBrandfolder is on a mission to make managing your digital assets a seamless process. We aim to deliver the world's most powerfully simple platform for storing, sharing and showcasing (more...) Company: Brandfolder Location: Denver Posted on: 03/1/2021 Scaling and Business Development Manager Description: hear.com is the fastest-growing hearing care company globally. We are driven by our belief that every person should hear well to live well. With our unique digital business model, we have changed the (more...) Company: hear.com Location: Denver Posted on: 03/1/2021 Assistant Manager - Management Trainee-Denver/Aurora Description: 2446 S Colorado Blvd, Denver, CO 80222 11008 E Colfax Ave, Aurora, CO 80010 2280 S Havana St, Aurora, CO 80014 NO AUTOMOTIVE EXPERIENCE REQUIRED SOME MANAGEMENT EXPERIENCE AND COLLEGE COURSE WORK IS (more...) Company: Discount Tire Location: Denver Posted on: 03/1/2021 Enterprise Client Feedback Experience Manager - Spectrum Enterprise Description: At a glance: ul Are you an analytical professional experienced at developing and implementing client experience strategies and plans Can you commit to a position managing client and team member feedback, (more...) Company: Spectrum Location: Watkins Posted on: 03/1/2021 Restaurant Manager Description: Restaurant Operations br br Location: Nationwide br br The journey begins in one of our restaurants. Over Company: Hillstone Restaurant Group Location: Denver Posted on: 03/1/2021 Traveling Construction Project Manager Description: Job DescriptionOur Client, an industry leading heavy civil construction firm seeks a dynamic Project Manager to travel to projects as needed around Colorado. They are a public works/DOT contractor specializing (more...) Company: Peterson Consulting Group Location: Denver Posted on: 03/1/2021 Media Marketing Manager - Spectrum Enterprise Description: At a glance: ul Are you a creative and organized professional skilled in developing, planning and managing the overarching paid media strategy and plans for a business-to-business B2B media program (more...) Company: Spectrum Location: Denver Posted on: 03/1/2021 Travel - RN/RN-Case Management Description: Come work at LRS Healthcare, the leading company in our industry. We re proud of our 4.7 rating on Glassdoor and 4.6 rating on Indeed. We are seeking to hire a talented traveling Case Management to join (more...) Company: LRS Healthcare Location: Denver Posted on: 03/1/2021 Sr Product Delivery Manager - Voice Services Description: Company Overview: br Charter Communications is America's fastest growing TV, internet and voice company. We're committed to integrating the highest quality service with superior entertainment and communications (more...) Company: Spectrum Location: Morrison Posted on: 03/1/2021 Enterprise Client Feedback Experience Manager - Spectrum Enterprise Description: At a glance: ul Are you an analytical professional experienced at developing and implementing client experience strategies and plans Can you commit to a position managing client and team member feedback, (more...) Company: Spectrum Location: Dacono Posted on: 03/1/2021 |