Ready for a fast-paced job where you can provide the literal groundwork that connects communities together? Join Summit Materials - a construction materials company leading the industry - where we build the foundation for a better tomorrow.
When joining our team, we offer the following benefits :
Medical, Dental and Vision Insurance
Life Insurance / AD&D
Short-term and Long-term Disability
Employee Assistance Program access (EAP)
401(k) with company-matched contribution
Seven (7) Paid Holidays annually
Paid Time Off (PTO) program
Position Overview:
The Senior Manager, Cyber Security will provide crucial support in the protection of Summit Materials' information. This role is responsible for overseeing the development and maintenance of cybersecurity policies, procedures, and guidelines that align with Summit's overall business objectives. The Senior Manager, Cyber Security will also be tasked with conducting routine risk assessments and audits, ensuring that processes are up to date on SEC rules, trends, and technologies, and making recommendations for when they are not. The role will oversee a team of IT experts who will assist with the daily management of security tool configurations and technology changes. The ideal candidate for this role will have a strong understanding of the latest security technologies and in-depth knowledge of regulatory compliance for Summit's business environment. They will also possess strong relationship-building and communication skills with teammates, partners, and vendors of all levels. This role is based in Salt Lake City, UT, and will support teammates across all aspects of the business.
Responsibilities:
Develop and maintain a comprehensive cybersecurity strategy that aligns with the company's overall business objectives.
Developing and implementing security policies, procedures, and guidelines based on industry best practices.
Maintaining awareness of new cyber threats, vulnerabilities, and technologies to keep the organization secure.
Conducting risk assessments to identify potential security threats and vulnerabilities.
Develop and implement compliance with SEC rules for Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosures.
Overseeing a team of information security experts and managing daily security tool configuration and technology changes.
Ensure that all employees are trained on cybersecurity best practices and that they understand their role in maintaining the company's security posture.
Work with other groups within IT and the business to ensure that security is integrated into all aspects of IT policies and processes.
Conduct regular security audits to identify areas of weakness and develop plans to address them.
Stay up to-date with the latest cybersecurity trends and technologies and make recommendations for new security tools and processes.
Develop and maintain incident response plans and ensure that they are regularly tested and updated .
Manage relationships with external vendors and partners to ensure that they meet the company's security requirements.
Having a strong understanding of the latest security technologies and trends, as well as a deep knowledge of the regulatory environment in which the company operates .
Protecting the company's reputation and ensuring that it remains compliant with all relevant regulations and standards .
Participation in Disaster Recovery and Business Continuity Planning.
Qualifications:
Bachelors Degree in relevant field
Minimum 5 Years experience managing Cybersecurity in a large public company
Industry Relevant accreditation preferred i.e. Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), CompTIA Security+
Knowledge of and experience of implementing Cybersecurity standards and frameworks such as NIST and CIS18
Familiarity with industry standard tools such as SentinelOne, Mimecast, LogRhythm, Netwrix, Nessus, ZScaler.
Excellent communication and leadership skills to work with a team of security professionals and other stakeholders across the organization .
