• Chief Information Security Officer

    Saint-Gobain (Malvern, PA)


    Job Summary:

    The Regional Chief Information Security Officer (Regional CISO) is responsible for the security (availability, integrity and confidentiality) of all systems and data in use on his/her reporting scope at Saint-Gobain (Region and/or Businesses), and accountable for the one managed by another team (e.g. GDI, web agency, etc.). The Regional CISO works with appropriate levels of management, both regionally and at Group level, to ensure the implementation of Saint-Gobain cybersecurity standards and the monitoring of cybersecurity risks.

    Essential Functions:

    + Act as the security of Infrastructure for IT solutions used by all Businesses of the Group in the Region (both Regional and global Businesses)

    + The Regional CISO is liable for evaluating risks, defining strategy and setting up an appropriate governance model on his/her Regional and Business perimeter, with the support of Central Cybersecurity team.

    + Design and implement a cybersecurity roadmap, based on the Group cybersecurity roadmap, Regional and Business specific cybersecurity risks and legal/regulatory local requirements, validation with Region / Business the roadmap, and appropriate reporting.

    + Manage security governance on the Regional and Business perimeter, by defining and setting up the necessary follow-up meetings and communication channels with all Business and IT stakeholders.

    + The Regional CISO oversees the application of security rules and standards on his/her regional and Business perimeter:

    + Ensure that projects are secured-by-design on his/her regional and Business perimeter, according to the Saint-Gobain processes (PSAT, Third parties management security, SIP, risk analysis…)

    + Ensure that all third parties contributing to a project or activity implement the appropriate set of security measures, of security tools, and provide the associated controls

    + The Regional CISO ensures that all operational security actions are carried out on his/her regional and Business perimeter.

    + Coordinate and supervise the management of security incidents and contribute to the resolution of major incidents on the perimeter in conjunction with the relevant teams, in collaboration with CyberSOC teams.

    + Contribute to the development of the Business Continuity Plan (BCP) by providing assistance to the Business in the identification of the business impacts of application unavailability and ensuring that the cyberattack scenario is included in the BCP.

    + Design and implement an awareness strategy (messages, phishing campaigns, etc.) toward all stakeholders of the perimeter, with the support of Central team

    + Follow up on acquisitions and divestitures projects on the perimeter and provide associated KPIs to the central M&A team operating for the Group CISO.

    + Bachelor’s Degree in information systems, Business Analytics, or related field, required.

    + Chief Information Security Officer should possess a blend of technical acumen, strategic focus, and strong leadership.

    + 10+ years of experience IT leadership experience with significant responsibilities in IT security

    + 5+ years of experience in a senior level leadership role

    + Experience implementing controls and mitigating risks related to GDPR, PCI, and other information security and data privacy standards

    + Demonstrated experience representing an organization's information security program in presentations and discussions with customers, partners and other external parties

    + Well-versed in the rapidly evolving threat landscape with a strategic mindset to mitigate threats

    + Outstanding communication skills with an ability to build strong narratives to highlight the importance of security to employees internally and customers/shareholders externally, including both technical and non-technical audiences

    + Experience at a leadership level building and scaling a high-functioning security organization

     

    Through the responsible development of innovative and sustainable building products, CertainTeed, headquartered in Malvern, Pennsylvania, has helped shape the building products industry for more than 110 years. Founded in 1904 as General Roofing Manufacturing Company, the firm's slogan "Quality Made Certain, Satisfaction Guaranteed," inspired the name CertainTeed. Today, CertainTeed is a leading North American brand of exterior and interior building products, including roofing, siding, trim, insulation, drywall and ceilings.

     

    -

     

    A subsidiary of Saint-Gobain, one of the world’s largest and oldest building products companies, CertainTeed has more than 6,300 employees and more than 60 manufacturing facilities throughout the United States and Canada. www.certainteed.com

     

    Saint-Gobain provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. Saint-Gobain is an equal opportunity employer of individuals with disabilities and supports the hiring of veterans.

     

    Applicants for roles based in Washington state or remote roles that would be worked from Washington state are encouraged to direct any concerns regarding the state’s Pay Transparency laws to the SGNA HR Compliance team at [email protected] .

     

    Saint-Gobain is committed to helping you and your family be well in all aspects of your life. Be Well. Be You brings together inclusive programs and meaningful resources to support all aspects of your physical, emotional, financial, and social well-being. Employees have the flexibility to choose the benefits that best fit their individual needs.

     

    + Health and Well-being – Supporting your wellbeing, to thrive in life and work.

    + Medical, Prescription Drug, Vision, and Dental Insurance

    + Healthcare Saving Account and Flexible Spending Account options

    + LiveWell Wellness Program

    + Employee Assistance Program (EAP)

    + Paid Time Off and Paid Parental Leave

    + Retirement and Protection - Helping to make the future life you want a reality.

    + 401(k) with Company Match, Retirement Accumulation Plan (RAP) Cash Balance Pension Plan

    + Company-provided Life Insurance, AD&D, Short-Term Disability

    + Voluntary employee and dependent life insurance, Long-Term Disability, Critical Illness and

    + Accident Insurance

    + Additional Benefits – Helping shape the experience and impact you want

    + Commuter Benefits

    + Group Legal

    + Identity Theft Protection

    + Auto and Home Insurance

    + Pet Insurance and Discounts

    + Back-up Child and Elder Care

    + PerkSpot Employee Discount Program

    + Volunteer Day