Cybersecurity program manager

Are you an experienced cybersecurity program manager, ready to take charge of securing a dynamic ICT/OT landscape? The cybersecurity program manager is a crucial role within imecs security department, orchestrating and supervising a comprehensive range of activities aimed at protecting imecs digital infrastructure from cyber threats.

As a cybersecurity program manager, you will support the 1st line of defence throughout our organization in implementing robust security measures. You play a pivotal role in designing, implementing & managing security controls in line with imecs information security control framework. Key responsibilities of this role include:

1. Security roadmap & strategic alignment:
* Assist departments in developing and executing security roadmaps in line with imecs corporate information security strategy
* Engage with senior business stakeholders to align security initiatives with business objectives and obtain buy in for security programs.
* Identify security gaps and define action plans to strengthen defences across ICT/OT environments.
* Provide expert guidance on integrating security into business processes, ensuring a risk based approach to cybersecurity.
2. Security program implementation & governance:
* Oversee the development, implementation, and maintenance of security policies, standards, and controls for secure configurations across on premises and cloud based ICT/OT platforms.
* Continuously assess the effectiveness of security controls and drive improvements to enhance the overall security posture.
* Conduct security reviews and assessments to ensure compliance with internal frameworks and external regulations (e.g., ISO 27001, NIST, IEC 62443).
3. Business engagement & stakeholder management:
* Act as a liaison between security and business units, ensuring security strategies align with business needs.
* Work closely with senior leadership and key stakeholders to advocate for security priorities and ensure security is embedded in departmental decision making.
* Develop and present security insights, risk reports, and business cases to executives to facilitate informed decision making.
4. Emerging threats & continuous improvement:
5. Stay ahead of emerging cyber threats, trends, and technologies, proactively recommending enhancements to imecs security architecture.
6. Support the adoption of advanced security solutions, including zero trust architecture, endpoint protection, network segmentation, and cloud security