|Company||The Hershey Company|
|Preferred GIAC Certifications||GSTRT, GSOM, GCPM, GDSA, GCIA, and/or GCIH|
Job Title: Senior Manager, Information Security Engineering
Job Location: Hershey, PA
Leads the team responsible for the design, configuration, implementation, monitoring, analysis, maintenance, and technical support of global security engineering service platforms.
Enhances security engineering team accomplishments and competence by planning delivery of security solutions; develop and implement operational processes to ensure operational excellence across the team; collaborate with cross-functional teams to incorporate Information Security practices to develop an organizational security capability.
Management of departmental resources, staffing, mentoring, training requirements to enhance and maintain a best-of-class security engineering team; model leadership behaviors that are grounded in Hershey Mission and Values.
Develop and manage strategic relationships with senior leaders across the enterprise to incorporate security engineering services that support business objectives; ensuring mutual understanding of strategy, goals, and objectives.
Responsible for security engineering strategy; determine security requirements by evaluating business strategies and requirements; maintain security by monitoring and ensuring compliance to standards, policies, and procedures; incorporate threat-based approaches to evaluate cyber resilience and implement protective measures.
Responsible for development of a Security Engineering operations role for cloud services.
Report on status of development, quality, operations, and system performance to management
Maintain knowledge of industry and market trends and collaborate with teams to incorporate necessary changes.
Manages complex Information Security projects and initiatives; define and maintain processes, procedures, and expectations for the teams operational responsibilities.
Ability to work under pressure in a fast-paced environment.
Strong attention to detail with an analytical mind and outstanding problem-solving skills.
Great awareness of cybersecurity trends and hacking techniques.
Summary of major duties:
Planning and Execution - Developing strategic and tactical plans for the team, managing execution, and measuring results
Understand existing security maturity, strategic IT and business initiatives, develop security engineering roadmap and portfolio to enhance cyber resilance and risk reduction.
Collaborate with Network Operations to ensure processes and procedures exist for Security Engineering oversite of security capabilities built into network technologies.
Collaborate with Architecture and Infrastructure teams to incorporate security engineering protective and reactive security controls within architectural design and operations standards.
Research and advocate the latest security engineering best practices, threats, vulnerabilities and technologies throughout Hershey.
Minimum Education and Experience Requirements:
BS in Computer Science, Information Security or related field OR equivalent work experience (6 years of experience)
MS in a Computer Science, Information Security discipline preferred
6-12 years Information Security
Certification: SANs such as GSTRT, GSOM, GCPM, GDSA, GCIA, and/or GCIH or Industry standard