Bourns, Inc., a leading global supplier of reliable, high-quality electronic components and solutions for over seventy-five years, is currently seeking a Cybersecurity Specialist!
The Cybersecurity Specialist is a key member of the Global Cybersecurity team working collaboratively with global Infrastructure, Applications, Architecture, Plant Engineering teams, and business departments, to define, implement, and maintain cybersecurity standards for Bourns’ IT and OT systems, Applications, and various Business Unit processes, across a global footprint of locations. The Cybersecurity Specialist is responsible for executing cybersecurity projects, supporting planning efforts, and serving as a project lead to ensure high-quality delivery and ongoing controls management. This hands-on position uses the latest cybersecurity tools and cyber risk management approaches to perform or oversee security technical work globally for Bourns. This position is responsible for the management of cybersecurity systems and functions in protecting computers, networks, systems, applications, and Company assets against cyber threats. Responsibilities include the design, implementation, and management of cybersecurity solutions and standards in alignment with government and industry mandates, and cybersecurity best practices. The Cybersecurity Specialist works directly with IT and business managers and executives to communicate technical aspects and metrics of the cybersecurity program.
DUTIES AND ACCOUNTABILITIES - PRIMARY
- Conduct security risk assessments for Information Technology (IT), Operational Technology (OT), and various business departments, and work with related owners to track identified gap remediation to completion.
- Manage external vulnerability and penetration testing and track the remediation of identified vulnerabilities to completion.
- Manage and oversee the internal infrastructure and application vulnerability management program, including tools used, procedures, remediation, and reporting.
- Manage the deployment and administration (as needed) of email and DLP security systems, along with global security training and phishing campaign systems.
- Manage and respond to customer and compliance-initiated security audits, working with IT/OT and business owners to implement remediation solutions, processes, and procedures.
- Create and maintain the Bourns Cybersecurity Program, Policies, Operating Procedures, Control Documents, and Architectural Diagrams in alignment with security standards such as those from ISO, NIST, and CIS, along with standard best practices.
- Continuously update the cybersecurity program to comply with changing regulatory and customer requirements and to protect against evolving cyberthreats.
- Provide management with periodic cybersecurity presentation updates and reports, depicting the current state of the cybersecurity program, accomplishments, risk areas, and security defense roadmaps.
- Assist Legal team and Data Protection Officers with policies, procedures, and controls in support of privacy laws and regulatory requirements such as GDPR and CCPA.
- Manage and monitor the investigation, Root Cause Analysis (RCA), and remediation of security incidents. Conduct or oversee any needed forensic investigations and support Legal team and management with incident response measures, as needed.
- Partner with Legal team in maintaining the cybersecurity aspects of third-party contracts and nondisclosure documents, and monitoring third-party compliance with these agreements.
- Review cybersecurity risks associated with new technology solutions, services, applications, and infrastructure, ensuring their compliance with security policies and standards.
- Partner with various IT functional areas including technology, infrastructure, application development, and business intelligence on cybersecurity matters.
- Periodically test and update the Incident Response and Disaster Recovery Policies and Procedures.
- Partner with the Human Resources department in providing security awareness program training content and services.
- Conduct IT cloud service provider SOC audits and track any required gap remediation.
- Build and maintain strong relationships with IT colleagues, business leads, and IT/security vendors.
EDUCATION: Bachelor’s Degree in Computer Science, Cybersecurity, Information Technology, or combination of education and work equivalent.
TRAINING AND EXPERIENCE: Five or more years of cybersecurity experience in a corporate environment with evidence of increasing responsibilities. Cybersecurity certification(s) preferred (CISSP, CEH, SANS, CASP+, Security+, etc.). Excellent interpersonal, written, and verbal communication skills required.
Experience required:
- Experience in managing a cybersecurity program in a multi-site, global organization.
- Skilled at project management, prioritization, and analyzing business processes.
- A track record of delivering information security procedures, processes, and systems with a focus on security, performance and reliability.
- A deep understanding of security best practices, current and evolving vulnerabilities, defenses and attack methods, cryptography, authentication, authorization, and security protocols.
- Working knowledge of industry security frameworks and standards such as ISO-27001, NIST-800, SOC 1-2, and other security standards and regulatory frameworks.
- Understanding of data privacy regulations and compliance requirements of GDPR, CCPA and other regional privacy compliance regulations.
- Experience with end user and systems authentication architectures, Endpoint protection, email security, DLP, security training, and MDR or SIEM systems.
- Security risk management, assessment, and gap remediation.
- Experience in managing and performing security vulnerability management, security penetration tests, and gap remediation.
- Experience working with application teams to ensure secure development and ongoing application security.
- Experience in security incident management programs, policy and procedure creation, management, and testing, as well as overseeing security incidents, forensics, and remediation.
- Fundamental knowledge of IT and OT network and security concepts, systems, protocols, and best practices.
- Ability to successfully analyze, diagnose, and remediate complex security issues.
OTHER SKILLS:
- Knowledge of, and an interest in building expertise in, the following technologies:
  - Cybersecurity program administration
  - Edge security design and configuration
  - Remote access platforms
  - Cloud architectures
As a key member of the Global Cybersecurity team, you will have an opportunity to grow with the Company and advance based on your results, performance, and hard work. We offer a competitive salary, excellent benefits, and the opportunity to work in an expanding international Company. To apply, please e-mail your resume and cover letter to our Human Resources Department at: BournsHR.Riv@bourns.com.
Equal Opportunity Employer: Minority/Female/Disability/Veteran
Salary Range: 104,000 – 140K