Chief Information Security Officer
Location: Downers Grove, IL, US, 60515
Company: Dover Corporation
Dover is a diversified global manufacturer with annual revenue of over $8 billion. We deliver innovative equipment and components, specialty systems, consumable supplies, software and digital solutions, and support services through five operating segments: Engineered Products, Clean Energy & Fueling, Imaging & Identification, Pumps & Process Solutions and Climate & Sustainable Technologies. Dover combines global scale with operational agility to lead the markets we serve. Recognized for our entrepreneurial approach for over 60 years, our team of approximately 24,000 employees takes an ownership mindset, collaborating with customers to redefine what's possible. Headquartered in Downers Grove, Illinois, Dover trades on the New York Stock Exchange under "DOV." Additional information is available at dovercorporation.com.
Position Summary: As the Chief Information Security Officer (CISO), you will be responsible for developing and implementing an information security strategy that protects our organization's data and technology assets. You will lead a team of security professionals and work closely with senior leadership to align security initiatives with business goals. You will be responsible for designing security solutions that protect the business while enabling the business to execute and innovate in multi-cloud environments, including Azure / Azure Gov-Cloud, Oracle Cloud Infrastructure (OCI) and Amazon Web Services (AWS). The CISO works closely with many diverse and dynamic teams, including but not limited to, Enterprise IT, Legal, Human Resources and Dover's Operating Companies.
Essential Duties and Responsibilities:
- Develop and maintain the information security strategy, policies, standards and procedures. These include both Cyber Security as well as Connected Products security.
- Present Cyber and Connected Product Security Risks and progress to key stakeholders, including Dover's Board of Directors, Senior Executives, and OpCo management.
- Create periodic and ad-hoc executive updates reporting key team achievements, architecture design, and progress against plan, in a succinct format for an executive audience.
- Lead risk assessments and ensure compliance with relevant regulations and standards, more specifically with NIST CSF 2.0, NIST 800-53, CMMC, ISA/IEC 62443, and PCI DSS.
- Oversee incident response planning and execution, alongside coordination with legal and external security providers.
- Collaborate with IT and other departments to implement security solutions and best practices.
- Conduct security awareness training for employees in multiple languages.
- Stay current with industry trends and threats to enhance security posture.
- Manage relationships with internal auditors, external auditors, third-party vendors and regulatory bodies.
- Experience with enterprise on-prem as well as multi-cloud architecture in Dover's public and private-cloud operational centers.
- Design and implement a governance model for Cloud-hosted infrastructure and cloud-based technology services.
- Build and leverage KPIs to measure the effectiveness of the Dover Security model tied to NIST CSF; provide influence on IT Operations SLAs in tandem with operational targets to ensure security and business objectives are mutually managed.
- Manage Cyber and Product Security department financial metrics, team goals and performance.
- Demonstrate commitment to industry standards, company policy, integrity, ethics and legal compliance.
Qualifications / Requirements / Desired Characteristics:
- Minimum of B.S. or equivalent in Computer Science, Information Technology or Information Security (MIS, Computer Science, CyberSecurity, Computer Engineering or similar discipline).
- 10+ years of working experience in Cyber Security, minimum 4 years in a Senior Cyber Security role.
- Working knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), identity and access management (IDAM) systems, antivirus and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies and application controls.
- Background in global manufacturing / Industrial Services a huge plus.
- CISSP; CISM and/or SANS certification a huge plus.
STATEMENT OF NON-INCLUSIVITY
This job description is not to be construed as a complete listing of the duties and responsibilities that may be given to any employee. The duties and responsibilities outlined in this position may be added to or changed when deemed appropriate and necessary by the person who is managerially responsible for this position.
All qualified applicants will receive consideration for employment without discrimination on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, genetic information, or any other factors prohibited by law.
Work Arrangement: Hybrid
Salary Range: -
We consider several job-related, non-discriminatory factors when determining the pay rate for a position, including, but not limited to, the position's responsibilities, a candidate's work experience, a candidate's education/training, the position's location, and the key skills needed for the position. Pay is one of the Total Rewards that we provide to compensate and recognize employees for their work.