Global Head of IT Security
Company: GATX Corporation
Location: Chicago
Posted on: October 24, 2024
Job Description:
Founded in 1898 and headquartered in Chicago, IL, GATX
Corporation (NYSE: GATX) is an industry leader with 125+ years of
success-success that is powered by our people. We are proud of our
high-performance culture, hard-working and enthusiastic management
team, and beautiful office space in the Willis Tower. At GATX, we
hire the best and offer our employees a dynamic, energetic,
collaborative environment to enable them to make an impact from day
one. Enjoy the perks and benefits of a global company with the
close-knit culture and community of a much smaller one. In the same
way we strive to empower our customers to propel the world forward,
we are dedicated to providing our people with the tools and
resources they need to move forward in their careers. And, thanks
to our employees, in 2023 we were named one of Chicago's Top
Workplaces by the Chicago Tribune for the fourth time! The Global
Head- Information Security is responsible for creating and
implementing an information security program that is designed to
protect GATX's data, systems, and assets globally from any
potential threats. This position will partner across functions to
drive major security initiatives and will be responsible for
effectively communicating goals, risks, and tradeoffs to executive
leadership and the board of directors in support of GATX's business
goals. Responsibilities:
- Central point of contact within GATX for all aspects and
communications regarding information security. Understand the
fundamental business activities performed by GATX, work with the
executive management team to determine acceptable levels of risk
for GATX and recommend pragmatic information security solutions
that protect these activities.
- Develop, maintain, and promote information security policies,
standards and guidelines. Ensure that controls comply with
contractual obligations, corporate policies, and legal and
regulatory requirements.
- Define and own a multi-year cybersecurity roadmap and key
performance indicators focused on reducing risk and in alignment
with GATX's business goals and objectives. Addressing management
fiduciary and legal responsibilities and customer expectations for
secure business practices.
- Provide regular reporting on the current status of the
information security program to the enterprise risk management
team, senior business leaders and the board of directors as part of
a strategic enterprise risk management program.
- Manage the cost-efficient information security organization,
consisting of direct reports and dotted line reports.
- Maintain an enterprise-wide information security awareness,
education, and training program.
- Provide strategic risk guidance and consultation for corporate
IT projects, including the evaluation and recommendation of
technical standards and controls.
- Oversee the performance of periodic IT risk assessments to
identify current and future security vulnerabilities, determine
levels of acceptable risk, and identify solutions to attain
acceptable risk levels.
- Perform periodic quality measurement studies to determine
whether the GATX Information Security function operates in an
efficient and effective manner consistent with standard industry
practices.
- Build and nurture external networks consisting of industry
peers, advisory bodies, vendors, law enforcement, and other
relevant parties to address common trends, findings, incidents, and
cybersecurity risks. Maintain working knowledge of latest
developments in information security, including new products and
services.
- Coordinate the preparation of information technology
contingency plans to respond to information security breaches,
violations, and incidents. Manage internal procedures and
activities pertaining to the investigation, resolution, and
prosecution of information security breaches and violations.
- Develop, maintain, and manage effective information technology
disaster recovery and business continuity practices and standards,
including plans and procedures to ensure that critical business
applications are recovered in the event of a declared
disaster.
- Manage all Sarbanes-Oxley related efforts and act as liaison
between Internal/External Audit and the IT Department. Manage
relevant processes and procedures associated with Sarbanes-Oxley:
enforce existing internal controls, and identify any necessary
additional internal controls. Work with Corporate Audit to ensure
that additional controls are documented, instituted, practiced, and
monitored. Qualifications: Interaction: The Global Head-
Information Security plans, organizes, coordinates, and directs
information security activities globally for GATX. He or she acts
as the focal point for all communications related to information
security, including internal staff and third parties. The Director
works with a wide range of individuals from different internal
organizational units, bringing them together to establish
appropriate controls for safeguarding information assets from
current information security threats and potential future
information security risks. Education and/or Experience Required:
- Minimum of 10+ years of experience in a significant leadership
role in information security, including experience in adopting and
implementing widely accepted management frameworks for IT
governance and information security practice (e.g. NIST, ISO-27001,
COBIT).
- Regulatory compliance experience with Sarbanes-Oxley, HIPAA,
Gramm-Leach-Bliley, European Privacy Directive, NIST, NSA etc.
- Knowledge of information security, control, and risk management
techniques, trends, and developments.
- Strong analytical skills to analyze security requirements and
relate them to appropriate security controls.
- Bachelor's degree in Information Security, Computer Science, or
related field required. Master's degree or post-graduate work
preferred.
- Certified Information Systems Security Professional (CISSP),
Certified Information Security Manager (CISM), Certified
Information Systems Auditor (CISA), or equivalent.
#J-18808-Ljbffr
Keywords: GATX Corporation, Palatine , Global Head of IT Security, Other , Chicago, Illinois
Didn't find what you're looking for? Search again!
Loading more jobs...