Director, Information Security Promotion

The Director of Information Security for the North America (NA) region is responsible for leading and overseeing the cybersecurity strategy, governance, risk management, compliance, and security operations across all NA business units, manufacturing facilities, engineering environments, and corporate functions.

This role serves as the senior regional security leader and partners closely with global cybersecurity leadership, IT, engineering, manufacturing, legal, compliance, HR, and business executives to protect company assets, intellectual property, manufacturing operations, connected technologies, and customer trust.

The Director will ensure alignment with automotive industry cybersecurity requirements, regulatory obligations, and global enterprise security standards while enabling business growth and operational resilience.

Key Responsibilities

Cybersecurity Leadership & Strategy

• Lead the North America information security program across corporate, manufacturing, engineering, and operational technology (OT) environments.
• Develop and execute regional cybersecurity strategies aligned with global enterprise objectives.
• Serve as the primary cybersecurity advisor to NA executive leadership.
• Drive security maturity improvements through risk-based planning and measurable outcomes.
• Establish security roadmaps, budgets, staffing plans, and strategic initiatives.

Governance, Risk & Compliance (GRC)

• Establish & maintain company cybersecurity policies and procedures.

• Oversee regional cybersecurity governance processes and ensure adherence to enterprise security policies and standards.

• Manage cybersecurity risk assessments for business operations, manufacturing plants, supplier ecosystems, and engineering platforms.

• Ensure compliance with:

• TISAX

• NIST Cybersecurity Framework

• Automotive customer cybersecurity requirements

• Privacy and data protection regulations

• SOX/JSOX and contractual obligations where applicable

• DENSO Global control standards

• Coordinate internal and external security audits and remediation activities.

• Present cybersecurity risks, metrics, and program status to executive leadership.

Security Operations & Incident Response

• Oversee regional security operations
• Lead cybersecurity incident response activities within the NA region.
• Vulnerability management (in partnership with server, application, network and other IT & OT teams)
• Coordinate with global SOC, legal, HR, communications, and external partners during incident investigations.
• Ensure business continuity and cyber resilience capabilities are maintained and tested.

Manufacturing & Operational Technology (OT) Security

• Influence security decisions of OT initiatives across manufacturing facilities and industrial control system environments.
• Partner with plant operations, engineering, and infrastructure teams to improve OT security posture while minimizing operational disruption.
• Support secure manufacturing modernization and Industry 4.0 initiatives.

Engineering & Product Security Collaboration

• Partner with product engineering and R&D organizations to support secure development practices.
• Assess cybersecurity and safety product design deliverables and compliance with automotive cybersecurity (ISO 21434) and functional safety (ISO 26262) standards, and other customer requirements.
• Support protection of intellectual property, engineering data, and prototype environments.

Third-Party & Supply Chain Security

• Oversee cybersecurity assessments and risk management activities for suppliers, service providers, and external partners.
• Partner with Purchasing organization to engage suppliers to make security improvements.

Team Leadership

• Lead, mentor, and develop regional cybersecurity personnel and managers.
• Create annual plans, initiatives, KPIs, and budgets. Track & report progress against these plans.
• Foster a culture of accountability, collaboration, and continuous improvement.
• Build strong partnerships across technical and business functions.
• Support talent acquisition, succession planning, and cybersecurity awareness initiatives.

Required Qualifications

• Bachelor's degree in Information Security, Computer Science, Information Technology, Engineering, or related field.

• 10+ years of progressive cybersecurity or information security experience.

• 5+ years in leadership or management roles overseeing enterprise security programs.

• Experience in:

• Cybersecurity frameworks and standards

• Incident response

• Vulnerability management

• Identity and access management

• Cloud and infrastructure security

• Security governance and risk management

• Security Awareness / Culture change

• Experience interacting with executive leadership and external auditors/customers.

• Strong communication, leadership, and stakeholder management skills.

Preferred Qualifications

• Experience within automotive, manufacturing, or industrial environments.

• Familiarity with:

• TISAX

• ISO 21434

• NIST CSF

• Professional certifications such as:

• CISSP

• CISM

• CRISC

• GIAC certifications

• Experience managing distributed regional teams and global collaboration models.

Benefits Summary:

• Medical, Dental, Vision, Prescription Drug plans
• 401K with 4% Company Match
• Vacation/PTO and 13 paid Holidays
• Bonus Program
• FSA/HSA and Dependent Care Programs
• Company provided Life, Disability, ADD and Business Travel Insurance
• Various No Cost Wellness & Chronic Condition Management Programs
• Various Optional Insurance programs such as legal, identity theft, critical illness, etc.
• Tuition Reimbursement
• Career Development and Ongoing Training
• Employee Assistance Program
• Employee Spotlight and Recognition Program
• Volunteer Opportunities
• Onsite Fitness Center (vary by location)
• Cafeteria and food markets (vary by location)
• Onsite Health Clinic and Pharmacy (vary by location)

Candidates residing 50+ miles from the work location are eligible for relocation assistance.

Annual Salary: $186,700 - $233,400