Sr Director of Information Security – Billerica, MA - Hybrid - Cabot Corporation
Billerica, MA
About the Job
Your Role at Cabot
Cabot has an exciting opportunity for a Sr Director of Information Security to join the Digital organization at one of our Cabot domestic locations in Boston or Billerica, MA.
This critical role is ideal for someone passionate about leading Cabot’s global cyber and data security programs and overseeing the overall Information and Data security of the entire organization. This leader provides strategic vision, scoping of requirements, design, development, implementation, incident response, budgets and adherence to all necessary protocols, regulations, and any legal requirements.
The highly visible position works with leaders across the organization to develop and implement a robust framework and appropriate technology and tools, matching the size and complexity of our organization with security strategy and operations right sized for our company and the information we safeguard. Additionally, this role will be responsible for building digital resiliency within the organization.
Overall, the role encompasses all aspects of information security across the enterprise, including:
- Web and Mobile application security
- Cloud
- Infrastructure and device security
- Security Awareness Training, Policy, and Compliance
The role is part of the Cabot Digital Leadership team and Manufacturing Security Council and is responsible for presenting to Cabot’s Board of Directors on a quarterly basis.
This individual will join Cabot’s Digital organization in one of the listed Cabot locations and is eligible to participate in Cabot’s Flexible Working Arrangement (hybrid) program. The role requires 25% domestic and international travel.
How You Will Make an Impact
- Define and own a multi-year cybersecurity roadmap and key performance indicators focused on reducing cyber risk.
- Create quarterly, annual and long-term cyber security and cyber risk management goals, articulate strategies, define metrics, and provide necessary updates to executive leadership and the Board of Directors.
- Lead Security Incident Response, Third Party Information Security Assessment, Data Protection and Encryption, Identity & Access Management and Privileged User Access to protect customer and employee data.
- Define cyber security governance and control strategies for emerging technologies such as cloud and containerization, blockchain and distributed computing.
- Keep well informed of developing security threats, and proactively create strategies to understand and mitigate potential security problems that might arise from acquisitions or other big business moves.
- Develop, implement, and monitor a strategic, comprehensive enterprise-wide information security and risk management program.
- Provide strategic and tactical vision around adversary and threat detection, incident response, and asset fortification.
- Advise the CDIO, executive leadership, and digital leaders on security issues and threats.
- Responsibility for overseeing the design, testing and implementation of all IT Security solutions.
- Oversight of the day-to-day control of the maintenance and monitoring of live production environments.
- Strategic planning, leadership, staff development, training, and adherence to all legal, compliance and regulatory requirements.
- Definition, scoping, creation and execution of IT and Data Security strategies enhancing the reliability and security of the IT systems, projects, and underlying data at your organisation.
- Overseeing managers and teams that you are responsible for, allocating resources to ensure that staff deliver secure and robust IT solutions to any of the organisation's identified and agreed requirements.
- Overseeing planning and execution of necessary vulnerability audits, penetration testing or forensic IT audits and investigations. Ensure that outputs improve organisation IT Security.
- Liaise with senior-level directors, the organisation's board and other key stakeholders, plus managers, programmers, and IT Security risk-assessment staff under your remit.
- Oversee integration of new IT Systems Development with the organisation's overall IT, Data, and Information Security policies.
- Oversee staff training in all the latest security awareness skills, and check that associated protocols, methodologies and procedures are implemented.
- Ensure compliance with any related legislation, such as the Data Protection Act, ISO standards or relevant government regulations.
- Plan budget allocations and associated financial forecasts relating to IT, Data, and Information security.
- Manage your staff’s technical and personal development, new hires, dispute resolution, redundancy and potentially termination of staff.
- Liaise with and manage your partners, stakeholders, vendors, and third-party service or solutions providers.
- Oversee projects, budgets and resources under your remit with a view to ensuring that your organisation gets a favourable return on IT investments in staff, hardware, software and service providers.
- GRC/Audit responsibility.
What You Will Bring to Cabot
- Degree in business administration or a technology-related field required.
- Relevant professional security management certification(s) required.
- 8+ years of experience in overseeing information, cyber and technology security required.
- Experience in a global manufacturing environment is required.
- Experience with contract and vendor negotiations and management including managed services.
- Specific experience in Agile (scaled) software development or other best-in-class development practices.
- Experience with Cloud computing/Elastic computing across virtualized environments.
- In-depth project management skills.
- Good understanding of all current legislation and regulations pertaining to the organization.
- Successful track record of effective coordination, prioritization, collaboration, organization, and project delivery.
- Experience in financial forecasting and budget allocation.
- Knowledge of relevant IT Security related hardware, software, and vendor solutions.
- An overall understanding of scripting and source code programming languages, such as C#, C++, .NET, Java, Perl, PHP, Python or Ruby on Rails.
- Practical experience of computer operating systems such as MS Windows, UNIX/Linux.
- Deep-thinking, analytical mind with the ability to quickly get to the root cause of issues.
- You will need to be organized, efficient and able to work unsupervised under your own initiative.
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST.
- Excellent written and verbal communication skills and high level of personal integrity.
- Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams.
How We’ll Support Your Success:
- Dynamic, Flexible, Hard Working, Team Environment – We are busy, collaborative, growing, and we are doing really meaningful work.
- Hybrid Work Environment – The autonomy to both work from home 2 days a week and develop/sustain colleague relationships in the office 3 days a week.
- Benefits, Vacation, Etc. – We offer a competitive package of benefits.
- Feedback – We are committed to giving and receiving feedback in a direct and open fashion.
- Support – You are part of a team and deserve to feel encouraged and supported. You will be part of a team that cares about you personally and professionally. Our success depends on your success.