Therma-Tru

Information Security Manager

Job Locations: US-OH-Maumee
Job ID: 2018-2129
# Positions: 1

Overview

Therma-Tru Doors in Toledo, OH is currently seeking an Information Security Manager to be responsible for effectively analyzing, planning, organizing, leading and executing IT security programs and projects from conception to operationalization while managing risk, scope, schedule and budget. This position reports directly to the Therma-Tru CIO. The incumbent works closely with the Therma-Tru IT team, the FBHS Enterprise Security Office and the Information Security Managers of the other operating companies. The company is currently halfway through a 4-year enterprise-wide Cyber Security project.

Therma-Tru is the leading entry door brand most preferred by building professionals. Founded in 1962, Therma-Tru pioneered the fiberglass entry door industry, and today offers a complete portfolio of entry and patio door system solutions, including decorative glass doorlites, sidelites and transoms, and door components. The company also offers low-maintenance Fypon® polyurethane and PVC products. Headquartered in Maumee, Ohio, Therma-Tru is part of Fortune Brands Home & Security, Inc., which includes the Moen, MasterBrand, and Master Lock companies.

Responsibilities

  • Works with Therma-Tru IT leadership and the FBHS Enterprise Security Office to review and revise Enterprise Information Security Policies.
  • Works with assigned management and staff to develop and implement appropriate standards, guidelines and processes to ensure compliance with Enterprise Information Security Policies.
  • Assesses information technology control elements to mitigate IS/IT risks regarding the confidentiality, integrity, and availability of information assets.
  • Serves as the leader for the development, implementation and on-going operations of a comprehensive Vulnerability Management program that includes:  external network vulnerability testing, internal network vulnerability testing, wireless vulnerability testing and application penetration testing.
  • Serves as the leader for the development, implementation and on-going operations of a coordinated information security event and incident management function including Network Incident Detection and Protection Systems (IDS/IPS), a Security Incident and Event Management (SIEM) system and Host-Based IDS/IPS.
  • Provides leadership to the Incident Response Team that is responsible for responding to systems and network security incidents, e.g., system compromise, loss of confidentiality, authentication problems, etc.; analyzing incident reports; interviewing end-users and system owners as needed; isolating potential sources, and recommending solutions; supporting remediation efforts for security vulnerabilities in response to security incident reports by identifying and isolating problem sources and correcting problems as necessary.
  • Works with Internal Audit and outside consultants as appropriate on required security assessments and audits.
  • Tracks all information technology and security related audits including scope of audits, timelines, auditing agencies and outcomes. Works with auditors as appropriate to keep audit focus in scope, maintain excellent relationships with audit entities and provide a consistent perspective.  Provides guidance, evaluation and advocacy on audit findings and recommendations.  Ensures appropriate mitigation actions are taken.
  • Ensures the development, documentation, and presentation of IS/IT security, education, awareness, and training for management, IS/IT personnel and users.
  • Participates in the evaluation, selection and implementation of security products and technologies.
  • Reviews and evaluates the security impact of changes to the network, including interfaces with other networks.
  • Reviews and recommends proposed privacy and security initiatives that protect information from inappropriate access, loss or misuse.
  • Monitors security trends, laws and regulations, and communicates security-related issues and activities that may affect the organization.
  • Reviews IT projects to ensure security is built in early and sustained into operations.
  • Acts as the champion of Cyber Security throughout the business. Raises awareness of risks and advocates balanced, common-sense behaviors to shrink the vulnerability footprint and risk.

Qualifications

  • 5+ years of progressive experience in a combination of highly complex IT infrastructure solutions, information security, compliance, regulatory and risk management.
  • BS Computer Science, Information Technology or related field
  • CISSP or CISM Certification Preferred
  • Direct experience successfully managing and delivering IT infrastructure and security programs and projects in large, distributed organizations.
  • IT professional services consulting experience would be an advantage.
  • Effective management of 3rd party vendor services and solutions.
  • Applied experience with Information Security Management frameworks and standards such as ISO 27002/27001 and NIST and IT governance and compliance requirements including Sarbanes Oxley and PCI.

Candidates for positions with Therma-Tru must be legally authorized to permanently work in the United States. Verification of employment eligibility will be required at the time of hire. Visa sponsorship is not available for this position, including student visas.
