Cyber Security Manager – MTI – Minerals Technologies Inc. Bethlehem, PA
Note: We are reader supported and may earn a small commission when you click on links in posts
About the job
Minerals Technologies Inc. (MTI) is a resource- and technology-based company that develops, produces and markets worldwide a broad range of specialty mineral, mineral-based and synthetic mineral products and related systems and services. The Company has four reportable segments: Specialty Minerals, Performance Materials, Refractories and Energy Services.
MTI provides a business environment and promotes a culture that encourages all employees to contribute to our success. We have long been committed to the recruitment and advancement of the most talented and qualified people. We recognize that MTI’s ability to provide the highest caliber of products and services is enhanced by a workforce that reflects the diversity of the communities and countries in which we work.
We currently have an exciting opportunity for a Cyber Security Manager at our Bethlehem, PA location. The Cyber Security Manager ensures that national and local information security and privacy regulations are being followed. Leads IT Risk Assessments to identify key corporate security vulnerabilities that affect the confidentiality, integrity and availability of company confidential data and provides support to systems owners to address and implement solutions to identified security and risk issues. Supports security and privacy audits and develops a mitigation strategy. Protects valuable information and maintains the confidentiality and integrity of data through knowledge of security management, network & protocols, data, and application security solutions.
- Keeps abreast of industry trends and current emerging risks.
- Develop and maintain Cyber Security MTI specific program in accordance with leading standards i.e. NIST, CSF and ISO.
- Lead assessments of current security technology and authentication systems and evaluate against Federal and State Information Protection and Privacy regulations, MTI Information Security Policies, and other relevant regulations pertaining to the protection of Enterprise Information assets with respect to information security.
- Develop and advance MTI information security policies, standards and procedures in conjunction with the application and technology teams responsible for the day to day systems configuration and operation.
- Lead the assessment and review of new and existing technology infrastructure to identify key risk areas, and ensure adequate levels of control are in place to address those risks and develop risk mitigation techniques and processes to ensure that all reviews as actionable by system manager and the operations staff.
- Lead the consultative process and advise personnel in IT departments to coordinate information security activities.
- Support Information Security Officer in Information Security activities as needed.
- Develop and lead activities supporting the IT Risk Management process such as data classification and security controls maintenance.
- Lead Collaborative programs with personnel in IT and all business units to ensure that electronic data security is consistently implemented throughout the Enterprise.
- Update skills as necessary to support MTI Information Security and remain knowledgeable of industry standards and advancements.
- Assist with the design and administration of Cyber Security Awareness Training, including reporting.
- Assist with the coordination and remediation of found vulnerabilities.
- Develop presentations and other materials to communicate Cyber Security initiatives to all staff, senior management.
- Responsible for other duties as assigned.
- Actively participates in the implementation of sustainable improvement processes, such as 5S, Kaizen, Total Productive Maintenance (TPM), Daily Management Control, Standard Work and Problem Solving
Other Related Duties
- Participates in the Operation Excellence Program as outlined by the Company.
- Other duties and special projects as assigned.
Note: Management reserves the right to assign or reassign duties and responsibilities to this job at any time.
- Introduction to Cybersecurity Tools & Cyber Attacks by IBM
- Financial Markets by Yale University
- International Cyber Conflicts from the State University of New York
- Business Foundations by University of Pennsylvania
Qualifications and Experience:
The requirements listed in the sections that follow are representative of the knowledge, skills and/or abilities required to perform the duties of this job. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions (primary duties) of the job.
(May substitute any equivalent combination of education and experience):
Should have clear understanding of all domains on information security and as per ISO27001 guidelines (globally accepted framework) and have relevant experience in auditing information systems from a technology and physical security perspective.
Should have detailed understanding on below technologies.
- Network Devices (Fortinet Firewall – Hands-on [Mandatory])
- Anti-Malware solutions (McAfee preferred)
- Intrusion Prevention Systems
- Web Content filtering solutions (Umbrella preferred)
- DLP Technologies – Host, Email, Web
- Web Application Firewalls
- SIEM (Security Information and Event Management) Solution (IBM QRadar preferred)
- CISA (Certified Information Security Auditor) OR
- CISM (Certified Information Security Manager) OR
- Certified Information Systems Security Professional (CISSP)
- CompTIA Security+
Knowledge of Cyber Security Framework for e.g. NIST, CSF would be desirable
Experience: Minimum of 7+ years of experience in information services with 5 years of demonstrable and progressive experience operating within Information Security domains. Require in-depth understanding of Information Security practices for network, servers, databases, applications, and advanced use of Information Security assessment techniques.
Education: Bachelor’s Degree in computer science with emphasis on IT security preferred.
Travel: Travel to other work sites may occur.
Knowledge, Skills & Abilities: Incumbent must have a well-developed business understanding, working knowledge of customer requirements and demonstrate a balance between analytical and creative thinking. Incumbent must also be a self-starter who seeks responsibility and is able to work with minimal direction. Incumbent must have demonstrated a willingness to challenge conventional ideas, be flexible, innovative, and be able to function effectively in a team environment and possess superior analytical and problem-solving skills. Incumbent must be proficient in personal computers and related databases. Computer skills required include knowledge of spreadsheets, database and word processing software on PC based systems. Incumbent must possess excellent organizational and communication skills. Incumbent must possess strong interpersonal skills and have the ability to communicate.
While performing the duties of this job, an employee is typically required to have the ability to coordinate movements, regularly stand, walk, bend, squat, climb, reach, crouch, and kneel during a work shift, have manual dexterity, select and use appropriate equipment/tools to accomplish job duties, read, write, listen, speak and understand English, follow all instructions and other oral/written information, visually inspect equipment/work area, complete paperwork and other documentation accurately, identify, analyze, troubleshoot and solve issues using judgment, react quickly as needed, be organized and detail oriented, be able to identify/judge the urgency of a situation, use judgment in decision making, make decisions in a timely manner, manage multiple priorities, communicate effectively with others, be aware of oneself in relation to surrounding equipment, and work independently. Ability to instruct/transfer job information/knowledge to others is preferred.
The employee is expected to be self-directed, take initiative and be persistent when appropriate to accomplish necessary duties and keep busy without prompting. Additionally, the employee is expected to be adaptable/flexible to changing work assignments, have a high level of integrity, dependability and self control to maintain composure, perform multiple tasks at once, learn and memorize procedures, manage time effectively and efficiently, meet established deadlines, display a cooperative demeanor, read, understand and follow all company, job specific and safety policies/procedures, and attend/use all required training. Ability to travel is required.
Working Conditions: There is exposure to plant production areas, which may include exposure to outside weather conditions as well as loud noise from equipment and dust from production processes. Exposure to plant areas requires the use of appropriate safety equipment. Personal protective equipment is available for employee use in these circumstances.
Safety Training: A new employee hired to perform the duties of this position is to be provided New Employee Training from a qualified individual, which consists of classroom training and may include a tour of plant area(s). Additional refresher safety training will be required as management deems appropriate and/or as dictated by MSHA/OSHA regulations.
Equal Opportunity Employer