Director Business Security Partner (Remote)

Job Details

What you will do

The Johnson Controls Global Information Security (GIS) team is undergoing a transformation and expansion as Johnson Controls increases its cybersecurity resources and capabilities in order to address the increasing cybersecurity threat landscape.

The successful candidate will be a visionary thinker capable of leading large, sophisticated global cybersecurity functions while interacting with the business and technology leaders, including the Chief Information Security Officer (CISO), Deputy Chief Information Security Officer (Deputy CISO) and Chief Information Officer (CIO).

The candidate will be able to articulate thoughts clearly, plan initiatives, and execute with appropriate urgency. The candidate will demonstrate drive, intelligence, maturity, and energy and will be a proven change leader. The candidate will possess a high degree of business acumen and must have a "real world" perspective to effectively interact with the leaders in the Business Units.

How you will do it

• Lead regional cybersecurity efforts by partnering with regional and company leadership within cybersecurity, information technology and across various business functions (leadership, management, legal, compliance, internal audit, risk management, privacy, operations, sales, communications, logistics, procurement, and any other supporting functions)
• Responsible for assisting the global cybersecurity team as it pertains to cybersecurity governance, awareness and training, regional compliance, architecture, engineering and cyber defense, including support for cybersecurity incidents and crisis management within each region, accounting for regional, cultural and language differences
• Proactively work with each regional business leadership and management team regularly to ensure that cybersecurity strategic plans are known, and regional requirements and differences are integrated into the cybersecurity strategic plan
• Responsible for identifying, evaluating and reporting on legal and regulatory, IT, and cybersecurity risk to information assets while simultaneously supporting business and enterprise objectives
• Working with regional leadership to identify information risks, risk tolerance and mitigation strategies within region while supporting the global cybersecurity risk appetite
• Ensure that information systems are secure and compliant with legal, regulatory and contractual obligations
• Actively participate with external bodies to influence cybersecurity, privacy and compliance-related legal and regulatory frameworks as they evolve
• This job description indicates the general nature and level of work expected of the incumbent. It is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities required of the incumbent. Incumbent may be required to perform other related duties.

What we look for

Required

• Knowledgeable cybersecurity leader with demonstrated understanding of cybersecurity concepts and practices
• Minimum 10+ years working in cybersecurity with 5+ years in management and/or leadership
• Comprehensive working knowledge of one or more cybersecurity frameworks (NIST, ISO, COBIT, etc.)
• Experience with risk management disciplines and audit/assurance practices
• Strategic leader with demonstrated ability to align cybersecurity with business operations
• Knowledge and experience with regional regulatory and legal landscape and obligations
• Demonstrated collaborative teaming skills, cross-functional team experience, relationship management capability and the ability to understand and appreciate cultural differences
• Excellent verbal, written, and interpersonal communications skills, including the ability to communicate security and risk-related concepts to both technical and non-technical audiences
• Strong ability to convey complex information risk, compliance, privacy and cybersecurity matters to stakeholders in a manner that is easily understood and actionable
• Ability to maintain a high level of discretion and personal integrity in the exercise of duties, including the ability to professionally address confidential matters
• Excellent oral and verbal communication skills and presentation capabilities
• Demonstrated ability to effectively facilitate and drive organizational change
• In addition, given the global nature of the company's operations, the successful candidate is expected to be internationally mobile

Education

• Bachelor's degree in Information Systems or equivalent, master's degree preferred

One or more of the following certifications preferred:

• Certified Information Security Manager (CISM)
• Certified Information Systems Security Professional (CISSP)
• Certified Information Systems Auditor (CISA)

#LI-SI1

#LI-Remote

Johnson Controls International plc. is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, genetic information, sexual orientation, gender identity, status as a qualified individual with a disability or any other characteristic protected by law. To view more information about your equal opportunity and non-discrimination rights as a candidate, visit EEO is the Law. If you are an individual with a disability and you require an accommodation during the application process, please visit here.