Global Security Manager

What we offer:
At Magna, you can expect an engaging and dynamic environment where you can help to develop industry-leading automotive technologies. We invest in our employees, providing them with the support and resources they need to succeed. As a member of our global team, you can expect exciting, varied responsibilities as well as a wide range of development prospects. Because we believe that your career path should be as unique as you are.
Group Summary:
The Magna Exteriors portfolio of products includes access systems such as liftgates, exterior trim, modular systems, front-end modules including fascia, active aerodynamic systems and other lightweight structural components for automotive, commercial truck and other industrial markets.
Recognized globally as an innovator in all aspects of vehicle exteriors, Magna provides everything needed, from materials development and design through manufacturing and assembly, to help automakers create sleek, state-of-the-art vehicles across the world.
Job Responsibilities:
POSITION SUMMARY:
Providing a secure and trustworthy customer journey is one of our most important objectives. In order to expand our capabilities, Magna Exteriors is seeking a Global Information Security Manager (GSM). This person will be the security subject-matter-expert, responsible for leading our global cybersecurity efforts and managing compliance-related activities. The GSM will report directly to the Global Director, IT, with oversight of global divisions and corporate offices.
The main objective for the GSM is to implement the global cybersecurity vision and strategy across our global footprint. The GSM leads and coordinates regional security and compliance initiatives working in collaboration with the Global CISO, Exteriors leadership, IT Managers, and Division IT engineers, Audit, Compliance, HR, Privacy and Data Protection. The GSM will provide effective governance, operational efficiency, performance monitoring and measurement of cybersecurity risk, cyber capabilities and general compliance and security related actions essential to our business.
ESSENTIAL DUTIES & RESPONSIBILITIES:
Operations: As a cybersecurity leader, the GSM is responsible for coordinating the day-to-day activities required both internally and externally to ensure compliance and risk mitigation.

• Lead resources across all functions to execute the Magna security strategy to improve global cybersecurity posture and keep up with the evolving needs of the business
• Maintain a responsive and effective security operations capability that will identify, contain and resolve cybersecurity incidents by minimizing business impact and meeting compliance and reporting obligations
• Participate in the creation of a security architecture for the Operational Technology domain as well as in solution selection and process development as required in order to enforce consistency and adherence to global security standards and guidelines.
• Provide support to prepare divisions for internal and external audits (TISAX, IATF, CTPAT)
• Create and provide training on related security policies and procedures across all functions.

Governance, Risk Management and Compliance: The MGIS will be responsible for ensuring alignment and compliance with common cybersecurity management frameworks, regulatory requirements, industry leading practices and Global Cybersecurity policy.

• Develop a global cybersecurity risk profile based on the identification, categorization, evaluation, and prioritization of cybersecurity risk across each region.
• Oversee and approve risk mitigation strategies to manage overall cyber risk to an acceptable level.
• Measure and reporting on the regions' compliance with cybersecurity policies and standards while also understanding the risk implications of approved regional/global exceptions.
• Measure and reporting on the effectiveness of cybersecurity controls to ensure alignment with the cyber strategy and strategic cyber goals by focusing on operational performance and quality outcomes.
• Ensure that cybersecurity legal and regulatory requirements are addressed and implemented as required.
• The above is intended to describe the general content of and the requirements for the performance of this position. It is not to be construed as an exhaustive statement of duties, responsibilities, or requirements.
• Upholds the principles of the Magna Employee's Charter, Magna's Operational Principles, Magna's Environmental Health and Safety Policy & Procedures, Magna Mechatronics, Mirrors, and Lighting Quality Policy, Program Execution Process and Business Protocols. Must understand and respect the laws and cultures in countries which Magna conducts business & Magna compliances.
• Participating in the creation of a security architecture for the global and regional scope as well as in solution selection and process development as required in order to enforce consistency and adherence to global security standards and guidelines Governance, Risk Management and Compliance. The GSM will be responsible for ensuring alignment and compliance with common cybersecurity management frameworks, regulatory requirements, industry leading practices and Global Cybersecurity policy.

The above is intended to describe the general content of and the requirements for the performance of this position. It is not to be construed as an exhaustive statement of duties, responsibilities, or requirements.
QUALIFICATIONS:
To perform this job successfully; an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
EDUCATION / SPECIAL KNOWLEDGE:

• Bachelor of Science degree in Computer Science, Engineering, Computer Security, Information Systems, or equivalent.
• Strong knowledge of various frameworks/regulations such as ISO 27001/2, NIST 800-53, NIST Cybersecurity Framework, GDPR, TISAX, TIPSR, SOX, ITIL, COBIT, COSO or similar.
• Accredited certifications a plus, such as: CISSP, OSCP, GCIH (Certified Incident Handler) GCIA (Certified Intrusion Analyst) CEH (Certified Ethical Hacker) CCNA (Cisco Certified Network Associate)

EXPERIENCE:

• 5+ years of experience in cybersecurity policy, standards, architecture, technology and programs.
• 5+ years of Security or IT management
• Automotive experience preferred.
• Previous SOC / NOC experience a plus

KNOWLEDGE AND SKILLS:

• Experience with cybersecurity governance, risk and compliance functions, threat modeling, identity and access management and cybersecurity operations.
• Experience working as part of a global team is preferred.
• Able to assess risks and implement appropriate controls to mitigate threats.
• Strong proficiency with common cybersecurity management frameworks and industry leading practices.
• Knowledge of applicable global/regional regulatory requirements.
• Demonstrated ability to gather, analyze and interpret business drivers and develop practical security solutions that provide adequate security to support the business.
• Demonstrated ability to engage in operational leadership and teams to identify risks and establish mitigation strategies.
• Strong project management and organization skills.
• Able to work across organizational and company boundaries to collaborate and influence others
• Able to communicate complex information in a clear and concise manner.

PHYSICAL DEMANDS / WORK ENVIRONMENT:
Office environment with up to 40% travel required (both domestic and international).
Normal amount of sitting or standing, average mobility to move around an office environment, Able to conduct normal amount of work at a computer.
Awareness, Unity, Empowerment:
At Magna, we believe that a diverse workforce is critical to our success. That's why we are proud to be an equal opportunity employer. We hire on the basis of experience and qualifications, and in consideration of job requirements, regardless of, in particular, color, ancestry, religion, gender, origin, sexual orientation, age, citizenship, marital status, disability or gender identity. Magna takes the privacy of your personal information seriously. We discourage you from sending applications via email to comply with GDPR requirements and your local Data Privacy Law.
Worker Type:
Regular / Permanent
Group:
Magna Exteriors