Share this Job

Director of Global Information Security

Date: Jan 19, 2023

Location: Nashville, TN, US, 37228

Company: A. O. Smith Corporation

Company / Location Information

We are one of the world’s leading manufacturers of water heating and water treatment technologies in the world. We are a $3.5 billion company with 140+ years history and we employ more than 12,000 individuals globally who pride themselves on providing the world with innovative water technology. We are committed to Continuous Improvement, not just in our factories or processes, but in our people.

Primary Function

AO Smith is seeking a passionate and motivated leader who will be responsible for leading and driving all information security activities at AO Smith Corporation.  The Information Security Director will ensure alignment of all security activities with established standards, policies, and procedures.  This resource will serve as the primary strategic leader for information security efforts across the global enterprise. 

Scope of Responsibility

  • Lead all aspects of the Information Security program for AO Smith across the enterprise.
  • Represent information security in strategic security planning, budgeting and work prioritization.
  • Provide leadership and coordination of compliance activities related to information security policies and standards.
  • Recognize, assess, and address changes that have the potential to introduce increased Information Security risk.
  • Responsible for developing Operational Technology(OT) strategy and security protection program, including completing a risk ranked inventory of all OT systems
  • Leads the Identity and access management program, developing the solutions architecture, implementation and on going Global support

Responsibilities

 

  • Participate in data breach incident response. Provide leadership for breach response and notice actions, owning the corporate data breach responses to customers, regulators, and other stakeholders.
  • Lead risk management decision-making and processes involving each facility within the framework established in the enterprise Information Security program.
  • Partner with Accounting and Legal teams to review customer contracts for security, privacy, and technical requirements.
  • Lead and coordinate implementation of Information Security technologies and projects.
  • Drive prioritization of day-to-day activities in the information security team.
  • Evaluate vendor solutions and ensure their adherence to Information Security standards and policies..
  • Continue to facilitate or initiate opportunities to improve all aspects of information security protection.
  • Responsible for security team budget, timelines and resource allocations to support AO Smith project portfolio and operational processes.
  • Participate in resource planning, recruiting and interviewing.
  • Identifies opportunities for Enterprise wide training and certifications to continuously improve.
  • Identify, establish, and maintain strategic relationships with key stakeholders to help increase the maturity of the Information Security program through business and IT.
  • Serves as a security expert across all technology platforms including: network, infrastructure, Web sites/external facing solutions, cloud applications and applications development.
  • Researches, designs, and advocates new technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors.

Role Specific Responsibilities

  • Maintains adherence to established security Key Performance Indicators (KPIs).
  • Management and enhancement of corporate information security awareness training.
  • Sets, maintains and improves alerting and monitoring of all systems, applications and critical security tools and processes.
  • Prepare and conduct regular Information Security briefings with the executive team.
  • Stays abreast of new and developing security technologies and industry trends.
  • Experience in developing and assessing technical and process-based controls, managing risk assessments/investigations, and working with organization management to integrate controls into the scope of existing business practices.
  • Performs security periodic security assessments at multiple locations including international.
  • Significant understanding of information security regulations (Sarbanes-Oxley IT controls, Payment Card Industry (PCI), GDPR, etc.)
  • Skill in developing and maintaining effective strategic relationships with leadership and key stakeholders.

Qualifications

  • Bachelor’s degree in Information systems, computer science, or related field.
  • 7+ years of experience in Information Security working at the management level.
  • Excellent teamwork, problem solving, and risk-based prioritization skills
  • Experience in an internal leadership role and a position involving engagement with customers, regulators and vendors.
  • Strong verbal and written communication, including the ability to translate technically complex issues into easy to understand concepts.
  • Demonstrated ability to think strategically and drive the design and implementation of projects within the scope of responsibility.
  • Strong leadership skills, personal drive, and ability to see projects through to execution.
  • Excellent written and verbal communication skills; interpersonal and collaborative skills; the ability to communicate security, privacy, and risk-related concepts to all employees including executives.

Education

Bachelor's Degree in Information Technology Management or Related Field

Years of Experience

Minimum of 7 years of related work experience or training

We Offer

Competitive compensation package and comprehensive benefits plans which include medical and dental insurance, company-sponsored life insurance, retirement security savings plan, short- and long-term disability programs and tuition assistance.


Nearest Major Market: Nashville

Job Segment: Information Security, Corporate Security, Wastewater, Water Treatment, Computer Science, Technology, Security, Engineering