Director Of Cyber Security

BUILT TO CONNECT

Astec is a global, environmentally focused infrastructure and manufacturing company of asphalt road building and aggregate processing. Our mission is to design and build the most innovative products for the industries we serve. Leveraging innovative solutions and technologies, we serve customers all over the world.

ABOUT THE POSITION

The Director Cybersecurity is a thought leader, a builder of consensus and of bridges between business and technology. This is a senior level IT role responsible for overseeing enterprise cybersecurity. The role supervises aspects of IT security including strategy, design, development, implementation, incident response, budgets, and adherence to various regulations.

This role will propose, communicate, and manage the Cybersecurity program and ensure that it is updated regularly to reflect current industry attack vectors. The role also ensures that day to day protection is in place and working and needs to provide regular updates and metrics.

This role should be a hands-on working leader who closely collaborates with the Infrastructure and Applications IT teams. Will also work closely with internal and external audit. It will also manage a small team of direct reports as well as manage other resources on projects.

Key Deliverables

• Cybersecurity policies
• Cybersecurity score card
• Regular plans to improve Cybersecurity controls and tools
• Quarterly updated board slide on Cybersecurity
• Implemented and continuously improved Cybersecurity Strategy
• Successfully implemented projects
• Project plans and roadmaps
• Compliance to SEC and other legal/audit/government regulations and policies regrading Cybersecurity
• Cybersecurity incident response plan fully vetted, tested, communicated, and regularly updated
• Approved Cybersecurity Strategy

Key Activities & Responsibilities

• Develop and/or present on our current status as well as future state Cybersecurity posture
• Manage and report no Cybersecurity spend
• Protect Astec’s data, systems, and reputation
• Manage Cybersecurity center of excellence
• Develop and maintain various Cybersecurity policies and procedures
• Ensure 24 x 7 support for incidents and issues
• Develop Cybersecurity strategy
• Educate the Company regarding Cybersecurity
• Understand and ensure Astec is compliant with all internal and external laws, regulations, and policies
• Design Cybersecurity program
• Develop Cybersecurity board materials
• Prevention of Cybersecurity attacks
• Response and cleanup of successful Cybersecurity attacks using a well thought out and practiced Cyber Incident Response plan
• Manage Cybersecurity projects
• Develop Cybersecurity metrics and scorecard that successfully measures and communicates the program
• Manage risk
• Work with legal and HR on data privacy matters
• Regular testing and assessments of our Cybersecurity program

To excel in this role, we seek candidates who possess a blend of extensive experience and a comprehensive skill set, including:

• A track record of successfully implementing Cybersecurity measures within a public company setting, demonstrating your ability to manage complexities and security requirements specific to this environment
• Over 5 years of distinguished leadership experience within the realm of Cybersecurity
• Adept at coordinating multifaceted project activities, ensuring streamlined execution and optimal utilization of resources
• Comprehension of IT Infrastructure encompassing networks, servers, server rooms, desktop systems, and software, all considered through the lens of Cybersecurity to ensure comprehensive protection
• Thrive in a dynamic landscape, exhibiting flexibility and adaptability in managing workloads, navigating high-pressure scenarios, meeting deadlines, and seamlessly adapting to evolving circumstances
• An analytical disposition that empowers you to solve intricate challenges with precision.
• Proven experience in developing and implementing Data Privacy policies and processes, showcasing your commitment to safeguarding sensitive information and ensuring compliance with relevant regulations
• A minimum of 10+ years of hands-on involvement in various Cybersecurity capacities
• Possesses exceptional communication skills, including a knack for delivering compelling presentations that distill complex Cybersecurity concepts into accessible insights for diverse stakeholders
• Hold one or more of the following certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and Certified in Risk and Information Systems Control (CRISC), further validating your expertise
• Experience with NIST Cybersecurity Framework.
• A robust foundation, demonstrated by a BS/BA Degree in Computer Science, Business, or a related field, or an equivalent combination of training and experience, as evaluated and approved by management