IPG PHOTONICS CORPORATION

Global Security Director

General Information
Location  377 Simarano Drive
Marlborough, MA 01752
United States
Employee Type  Exempt FT (I)
Job Category  IT
Description

The Global Security Director will become part of an international high tech manufacturing organization focused on all aspects of security within all IPG operations and lead the organization’s efforts to provide a safe and secure environment for all. This position will report directly to the Director of Global Information Technologies.

He/she will be the internal Strategic Business Partner to both IPG Corporate and all IPG Global locations on all IT Security related matters within the company.


Responsibilities:

  • Provide security leadership for all IPG locations and the programs that safeguard people, facilities and information.
  • Works with managers of functional areas to assess, prioritize, establish, and implement security measures.
  • Develop and maintain a risk strategy that formalizes risk into a comprehensive program for management to assess areas of concern.
  • Maintain a governance program that ensures all Information Security controls are adequately maintained and reported on through a GRC process.
  • Develop, publish, and maintain a comprehensive organization-wide information privacy and security strategy, plans, policies, procedures, and guidelines.
  • Manage the development, implementation, and maintenance of security policies, standards, and guidelines.
  • Direct the development and enforcement of information security and privacy policies in compliance with internal and external standards.
  • Identify current security infrastructure and defines what kind of security must be designed and implemented in order to meet organization requirements.
  • Research and maintain proficiency in tools, techniques, countermeasures, and basic trends in computer and network threats and exploits. 
  • Maintain a vulnerability management program where risk prioritizes work effort.
  • Maintain appropriate security measures and mechanisms to guard against unauthorized access to electronically stored and /or transmitted information and reasonably protects against anticipated threats and vulnerabilities.
  • Prepare status reports and briefings on security matters for senior management.
  • Conduct risk analyses and assessments to ensure there are solutions in place to mitigate those risks.
  • Provide management with up to date information on the different threats and security vulnerabilities that the organization may face.
  • Ensure compliance through adequate training programs and oversight of periodic internal security audits.
  • Provide guidance and training to information owners and designs and implements programs for user awareness, compliance monitoring, and security compliance.
  • Assess audit results and partner with IT staff to create pragmatic action plans and monitor the execution and completion of action plans.
  • Coordinate audit and assessment processes to verify compliance with established controls.
  • Coordinate information security audits, tests and reviews.
  • Work with legal to ensure data protection practices are consistent with international regulatory requirements.
  • Partners with IT management to develop and maintain best practices and policies for security of all internal systems.
  • Partner with Legal and HR organizations to conduct IT Security & Technology forensics analysis against any suspicious activities with primary emphasis on networks, desktops / laptops, servers and critical applications.
  • Manage 3rd party forensics partner during significant incidents, and assist with disciplinary and legal matters associated with such breaches as necessary.
  • Oversee implementation of processes related to classified contract management, information security, operations security, workplace violence prevention, security awareness, asset protection, access control, badge and identification, and ITAR/EAR related security measures.
  • Manage the integration of security initiatives and budget to ensure employee engagement and facility changes as necessary to meet contract compliance as well as operational and business goals.
  • Maintain specific awareness of international security risks.
  • Oversee crisis management planning and execution.
  • Provide leadership, guidance and professional development for a site security and security personnel and services.
  • Initiate potential identification of security requirements that can be completed through shared services or common processes.

 

 

 

Requirements

 

  • 10 years of experience in security disciplines.
  • Must be well-versed in developing, implementing and managing a full range of contemporary industrial security programs both in US and non-US locations.
  • CISSP, CISM, CISA, ITIL, and Project Management certifications preferred.
  • Ability to select, negotiate and manage security services.
  • Strong relationship-building and collaborative skills.
  • Excellent oral and written communication skills.
  • Presentation Skills – Prepare and deliver formal and informal presentations to illustrate ideas, solutions and issues to upper management.
  • Project management experience.
  • Effective people skills and the ability to relate well with all levels within a diverse population.
  • Professional integrity.
  • Must have strong documentation technical writing skills.
  • Possess a breadth of demonstrated business, financial, and management skills.
  • Demonstrated experience in making critical security decisions that support the organization.

 

Education:

  • A Bachelor’s degree in Computer Science, Engineering, Mathematics  or related discipline. 
  • An advanced degree would be a plus. 

 

This position must meet Export Control compliance requirements, therefore a “US Person” as defined by 22C.F.R. §120.15 are required. “US Person” includes US Citizen, lawful permanent resident, refugee, asylee.   License exception Technology and software under restriction (TSR) defined in 15 CFR 740.6 may permit person from Country Group B

 

The following link will take you to the government site with the list of Country Group B: https://www.bis.doc.gov/index.php/documents/regulation-docs/452-supplement-no-1-to-part-740-country-groups/file