Information Security and Compliance ArchitectLocation
TMH - Columbus INJob Description
The Cybersecurity and Compliance Architect is a hybrid role that spans architecture, governance, risk, and compliance. The Security and Compliance Architect provides expert guidance for addressing current security issues but has the foresight to see where the industry is headed and proactively deliver optimal security solutions. Essential Position Duties:
Skills and Experience:
- Remain current with new security threats and assess systems to ensure they can defend the business.
- Constantly research capabilities of current and new disruptive solutions on the market and make recommendations to security leadership.
- Research, validate and deploy solutions meeting security and business needs.
- Formally develop security standards, policies, procedures, and processes.
- Influence the planning and execution of incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).
- Possess a DevOps focus across technology and security architecture, automation, integration, and distribution.
- Drive security efficiencies, enabling security team members to work on more advanced tasks.
- Partner, coach, and functionally lead IT, engineering, development, and business teams.
- Define qualitative and quantitative metrics to assess the success of the security program and provide regular reports to security and business leadership.
- Lead audits to ensure compliance with business frameworks (JSOX, PCI, ISO, etc.).
- Perform other duties as assigned.
- At least 5 years of experience in cybersecurity, including compliance and risk management with a background in system and network security engineering.
- A proven deep background (preferred 5+ years in addition to cybersecurity) in technology design, implementation, and delivery.
- Experience in cloud computing technologies, including software-, infrastructure, and platform-as-a-service, as well as public, private, and hybrid environments.
- Extensive knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies and application controls.
- Excellence in communicating business risk from cybersecurity issues.
- Experience driving measurable improvement in monitoring and response capabilities at scale.
- Experience architecting SIEM systems, threat intelligence platforms, security automation, and orchestration solutions, IDS/IPS, file integrity monitoring (FIM), data loss prevention (DLP), and other network and system monitoring tools.
- Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
- Experience with one or more of the following: ISO 27001, NIST, Payment Card Industry Data Security Standard (PCI DSS), Health Information Portability and Accountability Act (HIPAA), Health Information Technology for Economic and Clinical Health (HITECH) Act, Japan's Financial Instruments and Exchange Law (J-SOX), Sarbanes-Oxley Act (SOX) the General Data Protection Regulation (GDPR), Center for Internet Security (CIS) standards or Service Organization Controls (SOC) 2.
- Prior team leadership experience preferred.
- Bachelor's degree in computer science, information assurance, cybersecurity or related field, or equivalent industry experience.
- CISSP or CISM (required); additional security certifications are a certification a plus.
About Toyota Material Handling
- At least 5+ years experience in cybersecurity as a practitioner and with at least 2 to 3+ years of exposure to various security frameworks.
- JSOX audit experience is a bonus
- Experience with OT/IoT Cybersecurity is a bonus
Let Toyota take your career to new heights. Toyota Material Handling provides employees with the opportunity to make a meaningful impact through innovation and creativity in an unmatched culture.
Based in Columbus, Indiana, Toyota offers a full line of high-quality material handling equipment sold under the Toyota brand for over 50 years. We are proud of our large and diverse workforce. We seek individuals committed to excellence with talent, skill, and innovation. We offer a competitive salary and benefits package with a pleasant and challenging work environment. Life is better at Toyota. Benefits that set Toyota apart:
Affirmative Action Responsibility:It is the Company's policy to afford equal employment and advancement opportunity for all qualified individuals without distinction or discrimination because of race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations. Alternate LocationsFLSA
- Competitive Salary + bonus program
- Low-cost Medical with Free Dental and Free Vision Insurance
- Free On-Site Medical Center
- Free On-Site Recreational Complex
- On-site Pharmacy ($5 co-pay)