IT Security Operations Leader

The GIS (Global Information Services) Security Operations Leader is a critical member of the Owens Corning Information Security team and has global responsibility for 24x7 security monitoring, threat hunting and threat intelligence, vulnerability management, and incident response.  This role is key to ensuring security risks are identified and addressed in a timely manner while leveraging enterprise platforms and partners to ensure optimal service delivery.  Primary responsibilities of this role are to design and manage IT security platforms, monitoring and incident response processes for security issues. 

Curiosity, motivation to learn, impeccable integrity and honesty are requirements of this role. The GIS Security Operations Leader must pass a thorough background check and be clear of any technology related crimes or violations of security policies. He/she may be required to sign a non-disclosure agreement prior to interviews and must agree to random monitoring of network activity to ensure compliance with corporate information security and other policies.

Reports to:                          Global Security Operations Leader

Span of Control:                People leader; direct reports and leadership of service providers delivering security operations and monitoring services

Knowing Our Businesses and their Strategies

• Build relationships within the organization, cross-functionally, and with key stakeholders; ensure effective contact to remain aligned with functional objectives
• Understand the strategic direction of the company’s businesses and execute functional strategies to support and enhance business results; be knowledgeable of the project work that supports this direction and implications to the business
• Understands relationships with our customers and understands what it takes to ensure their success
• Know what best-in-class Information Technology (IT) organizations do and obtain outside-in market insights to understand and then apply to positively impact Owens Corning
• Lead security initiatives to support business objectives including acquisitions and divestitures
• Understand organizational and security risk and apply risk management strategies

Developing and Executing Strategy

Security Operations                                                                                                                                                 

• Stay current on cyber threats and threat actor tactics and techniques
• Develop and implement tools, processes, and platform integrations to detect and respond to anomalies
• Utilize threat intelligence to perform threat hunting
• Implement controls to monitor and reduce cyber risks
• Design, implement, and maintain security controls and solutions
• Govern third party security services to support security operations
• Align with stakeholders for continuous security improvements in multiple GIS functional areas
• Coordinate periodic independent security audits, penetration tests, and exercises to inform areas of focus for continuous improvement
• Oversee vulnerability management program, assist with prioritization and escalate remediation plans as needed
• Coordinate with OT security on monitoring and response procedures for manufacturing systems

Management and Reporting

• Summarize security events and incident data into compelling reports that are easy to read, interpret and understand
• Lead incident response in the event of security issues
• Develop relevant security metrics to measure program effectiveness and present for leadership review
• Demonstrate strong attention to detail to ensure consistent data integrity and accuracy
• Identify areas of waste (process, time, etc.) and ideate and execute action plans to reduce risk and streamline processes

• Identify opportunities to improve the delivery of security operations and plan implementation of those improvements

Lead and Influencing in the Function

• Drive continuous improvement initiatives within the department and cross-functionally; encourage others to identify areas of waste (process, time, etc.); ideate and execute action plans to create productivity
• Collaborate with cross-functional teams such as HR, legal, and GIS on identity security solutions and automation and mobile capabilities.
• Create an inclusive environment where the team looks at you as a highly regarded leader and mentor

Lead and Developing Talent

• Invest in personal growth and development, clearly focused on self-learning
• Capture the value of continuous learning and ongoing development opportunities
• Foster a high-performing, well-connected global team culture that emphasizes collaboration, accountability, curiosity, and innovation
• Develop and execute a talent strategy that includes upskilling, mentoring, acquisition, and succession planning to ensure long-term team resilience and leadership continuity
• Promote diversity of thought and experience within the team to drive innovation and adaptability
• Create an environment where talent is developed through effective performance management and evaluation
• Capture the value of continuous learning and ongoing development opportunities
• Effectively build a high talent team using the appropriate mix of external resources, internal and external recruitment to satisfy near-term performance, longer-term succession needs, and to ensure the organization has the necessary outstanding talent
• Ensure direct reports have meaningful development objectives and robust development plans
• Be engaged in personal development and stay updated on the latest information security trends and best practices

JOB REQUIREMENTS

Minimum Qualification

• 10+ years of information technology experience, with a BA or BS degree in computer science, MIS, or equivalent
• IT Security certifications preferred
• 5+ years of cyber security experience
• Competence in project management theory, knowledge, skills, tools and techniques
• Strong overall IT knowledge in multiple domains to understand technical risks: networking, servers, cloud infrastructure
• Experience with security technologies such as identity and access management tools, cloud infrastructure-as-a-service tools, firewalls, SIEM, detection and response platforms, and automation.
• 3 years’ experience in leading a high-performing team

Preferred Experience

• Manufacturing industry work experience
• Managing security service providers
• Leading geographically dispersed teams

Knowledge, Skills, and Abilities

• Proven ability to build strong relationships and inspire trust with multiple stakeholders across GIS and OC Businesses to get results
• Verbal and written communication skills with the ability to deliver the message effectively based on the audience
• Risk assessment and threat modeling to prioritize security controls and mitigations
• Strong analytical and problem-solving abilities
• Demonstrate the ability to be a self-starter with a sense of curiosity and desire to continuously learn, improve, and grow
• Organizational skills to handle multiple priorities and proven ability to execute and deliver results
• Demonstrates the ability to be a team player with the ability to energize and engage others
• Service-oriented individual with high personal standards and a hands-on work style
• Curiosity about new technologies
• Ability to travel, domestically and internationally, approximately 10%