We are looking for team members who bring ideas forward, champion others and work together to do better. Does that sound like you?
Cybersecurity Program Director
About The Job:
Nouryon’s Houston, TX location is looking for top candidates to fill the key role of Cybersecurity Program Director. This position is essential to:
- Establishing and executing cybersecurity programs that are highly effective and that deliver timely, sustainable cybersecurity solutions.
- Project Management and Program Management Frameworks.
- Mechanisms to drive high levels of performance and accountability.
- Process formalization and streamlining.
- Fusion of applicable areas across CISO Office functions.
- Enhanced visibility and accountability for workstreams.
- Oversight for the CISO Office PMO, GRC, Application Security, and Data Protection.
In Your Future Role as a Cybersecurity Program Director, You Will:
Work Management:
- Clarify definitions for tasks, initiatives, projects, and programs.
- Establish and maintain methodologies, processes, and tools to guide work management, yielding consistent, high quality performance of cyclical tasks.
- Develop and implement framework for initiative management, to promote consistency, streamline processes, improve accountability, and drive success of the CISO Office.
- Develop and implement framework for project management, aligning with Nouryon practices, yet being tailored for cybersecurity and CISO Office nuances.
- Develop and implement framework for program management, covering both the portfolio of cybersecurity projects as well as the higher level functional cyber programs.
- Produce and maintain tools, document templates, schedules, and other resources to empower individual contributors.
Project Management:
- Manage a limited portfolio of important, highly-visible projects, leveraging the established framework and methodology.
- Implement project management improvements, and train subject matter experts in maintaining their own project portfolio.
- Provide ongoing support and mentorship for project managers.
Program Management:
- Propose, develop, track, and report measurements, metrics, KPIs, and KRIs that drive quality deliverables across cybersecurity functions, gauge effectiveness of security controls, and ensure timely notification for program gaps.
- Create program management methodologies, such as Wiki’s, periodic business reviews, and support models. Maintain the overarching CISO Office program management structure, ensuring coherence and sufficiency.
- Manage multiple programs, leveraging the implemented framework. In this role, you will host periodic meetings with practitioners and stakeholders; drive creation of goals and tactical improvement plans; hold vendors accountable; support CISO Office strategy, budget, and operational planning efforts; gather and clarify requirements; and reporting health and efficacy.
- Drive cybersecurity fusion across functions, by activities such as regularly meeting with leaders and teams; assessing alignment of workstreams with requirements; seeking areas of opportunity and proposing improvements.
GRC:
- Provide direct leadership for GRC Manager, bolstering the efficacy of related functions and activities; accelerating compliance objectives; and closely aligning with internal audit.
- Enhance sustainability and efficiency for third-party security.
- Maintain security training & awareness activities, establishing maturity targets, tracking progress, and executing programs to yield a prepared workforce.
Application Security:
- Fuse operational SAP Security with related CISO Office functions; drive improvements to SSDLC for all areas; tighten requirements for code-level scanning; track technical efforts to provide assurance.
Data Protection:
- Work with stakeholders to mature the data protection program, including Information Technology, Legal, Compliance, and Business Leaders. Drive improvements to data classification, handling requirements, and related technologies (i.e. DLP).
We Believe You Bring:
- Bachelor’s degree (Advanced degree preferred) in Computer Science, Business Management, etc.
- Training in project management, lean six sigma, cybersecurity
- Knowledge of NIST, ISO standards and frameworks like COBIT and ISO/IEC 27001
- 10+ years of experience in information technology, with at least 5 dedicated to one or more area of cybersecurity (e.g., event/incident management, access management, vulnerability management, change management, business continuity, application security, asset management).
- 5+ years demonstrable experience in project management
We Believe You Have:
Technical Skills:
- Advanced knowledge of cybersecurity programs, solutions, risks, and controls.
- Ability to drive compliance with industry standards and frameworks such as ISO 27001, NIST, COBIT, etc.
- Strong Risk Management skills, to include implementing risk management framework, assessing and quantifying risks, driving development of risk treatment options, and developing executive reports.
- Familiarity of IT infrastructure, architecture, and cloud services from a security perspective.
- Proficient with MS Office, project management software, and GRC tools.
Analytical Skills:
- Strong ability to assess and mitigate risk, as well as to analyze complex security issues and provide realistic solutions.
Communication Skills:
- Excellent communication abilities, both written and verbal, to effectively explain complex cybersecurity concepts to various audiences, including technical and non-technical staff, management, and external stakeholders.
Organizational Skills:
- Ability to prioritize tasks, manage projects, and lead teams in a dynamic business environment.
Interpersonal Skills:
- Skilled at building relationships and gaining buy-in for security initiatives across all levels of the organization.
Leadership Skills:
- Excellent leadership skills, to include workforce development, performance management, coaching, mentoring, directing work, tracking and reporting progress.
- Financial and budget management skills required, to actively lead annual operating plan development, and to sync with corporate finance for tracking of budget vs actual expenses.
- Support development of the CISO Office strategy, and create applicable tactical operating plans to bring strategic objectives to fruition.
Good to know:
This is a permanent position on a full-time basis, reporting to the CISO based in Houston, TX.
Please apply via our online recruitment system. We will not accept applications via e-mail. Once it's with us we will review to see if we have a match between your skills and the role! For more information about our hiring process, visit: nouryon.com/careers/how-we-hire/
We look forward to receiving your application!
We kindly ask our internal candidates to apply with your Nouryon email via Success Factors.
About Nouryon:
We’re looking for tomorrow’s Changemakers, today.
If you’re looking for your next career move, apply today and join Nouryon’s worldwide team of Changemakers in providing essential solutions that our customers use to manufacture everyday products such as personal care, cleaning, paints and coatings, agriculture and food, pharmaceuticals, and building products. Our employees are driven by the wish to make an impact and actively drive positive change. If that describes you, we will gladly make way for your ambitions. From day one we support you with your personal growth, through challenging positions and comprehensive learning and development opportunities, in a dynamic, international, diverse, and proactive working environment.
Visit our website and follow us on LinkedIn .
#WeAreNouryon #Changemakers
We have already chosen our sourcing channels for this recruitment and kindly ask not to be contacted by any advertisement agents, recruitment agencies or staffing companies.
Nouryon is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other characteristic protected under applicable federal, state, or local law.