Information Security Director

Date: Aug 1, 2019

Location: Nashville, TN, US, 37228

Company: A. O. Smith Corporation

Company / Location Information

Why A. O. Smith? 

Water technology is one of the fastest-growing industries in the world, and, as a leading global water technology company, A. O. Smith Corporation is at the center of the trend. We are a $3 billion company with a 144-year history and employ more than 16,000 men and women. With manufacturing operations in the United States, Canada, Mexico, China, India, and Europe, A. O. Smith has the global reach to serve customers worldwide. We have sales and distribution in more than 60 countries around the world. A. O. Smith is committed to continuous improvement, not just in its factories and its processes, but in its people. We value people who are able to analyze problems and take rapid, decisive action.


What is great about this opportunity?

  • You will be joining a stable, but growing organization committed to strong financial performance, strategic acquisitions, global expansion and the highest ethical standards of conduct.
  • You will be representing a company that makes products that improve quality of life and are considered top of the line.
  • You will be joining a cohesive team that supports each other in accomplishing shared goals.

Primary Function

A. O. Smith is seeking a passionate and motivated leader who will be responsible for leading and driving all information security activities at A. O. Smith Corporation. The Information Security Director will ensure alignment of all security activities with established standards, policies, and procedures. This resource will serve as the primary strategic leader for information security efforts across the global enterprise.

Scope of Responsibility


  • Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program.
  • Manage the enterprise's information security organization.
  • Working with the information security steering committee, develop, maintain and update information security policies, standards and guidelines following the NIST or other accepted framework.
  • Provide regular reporting on the current status of the information security program to senior business leaders.
  • Lead development and maintenance of the enterprise Incident Response Plan.
  • Work directly with the business units to facilitate IT risk assessment and risk management processes.
  • Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action.
  • Ensure that security programs are in compliance with relevant laws, regulations and policies to minimize or eliminate risk and audit findings.
  • Create and manage information security and risk management awareness training.
  • Recommend, prioritize, lead and coordinate implementation of Information Security technologies, tools and projects.
  • Lead SOX IT general controls and compliance audit and remediation activities and ensure proper implementation across the company. Ensure that programs are in compliance with relevant laws and regulations.
  • Researches new technologies, architectures, and security products that will support the future security objectives for the enterprise.


  • The design and implementation of an Information Security scorecard.
  • Maintains adherence to established security Key Performance Indicators (KPIs).
  • Management and enhancement of corporate information security awareness training.
  • Sets, maintains and improves alerting and monitoring of all systems, applications and critical security tools and processes.
  • Prepare and conduct regular Information Security briefings with the executive team.
  • Stays abreast of new and developing security technologies and industry trends.
  • Experience in developing and assessing technical and process-based controls, managing risk assessments/investigations, and working with organization management to integrate controls into the scope of existing business practices.
  • Performs periodic security assessments at multiple locations, including international.
  • Significant understanding of information security regulations (Sarbanes-Oxley IT controls, Payment Card Industry (PCI), GDPR, etc.).
  • Knowledge and familiarity with IT Networks and IT Systems concepts, including IT Infrastructure setup and troubleshooting.
  • Knowledge and experience with a wide variety of security tools and capabilities.


  • Bachelor’s degree in Information systems, computer science, or related field.
  • 7+ years of experience in Information Security working at the management level.
  • Excellent teamwork, problem solving, and risk-based prioritization skills.
  • Experience in an internal leadership role and a position involving engagement with customers, regulators and vendors.
  • Demonstrated ability to think strategically and drive the design and implementation of projects within the scope of responsibility.
  • Excellent written and verbal communication skills; interpersonal and collaborative skills; the ability to communicate security, privacy, and risk-related concepts to all employees including executives.

We Offer

Competitive base salary, bonus plan and comprehensive benefits plans which include medical and dental insurance, company-sponsored life insurance, retirement security savings plan, short- and long-term disability programs and tuition assistance.

Nearest Major Market: Nashville

Job Segment: Information Security, Manager, Corporate Security, Information Systems, Technology, Security, Management