Howmet Aerospace, headquartered in Pittsburgh, Pennsylvania, is a leading global provider of advanced engineered solutions for the aerospace and transportation industries. The Company's primary businesses focus on jet engine components, aerospace fastening systems and titanium structural parts necessary for mission-critical performance and efficiency in aerospace and defense applications, as well as forged wheels for commercial transportation. Howmet Aerospace is transforming the next phase of more fuel-efficient, quieter aerospace engines and sustainable ground transportation. For more information, visit www.howmet.com . Follow @howmet: Twitter , Instagram , Facebook , LinkedIn and YouTube .
Howmet Engine Systems is currently seeking an experienced IT Security professional to join our Information Technology team. In this role, the successful candidate will:
Help our business to enhance and enforce Cybersecurity Maturity Model Certification (CMMC) using existing and future NIST and DFARS requirements.
Develop new and mature existing policy documents as required. This may include policies regarding Configuration Management, IS Sanitization, Media Security, Password Policy, Business Continuity, Continuity of Operations, Incident Response, Disaster Recover, and Security Assessments.
Work with Corporate Security to continuously develop and strengthen our Cyber Security service offerings.
Verify and document the implementation of security controls necessary to achieve compliance.
Integrate CMMC elements into existing self-assessment programs to ensure continued compliance to CMMC/DFARs.
Manage the security oversight and assessment of information systems assets and the protection of systems from intentional or inadvertent access or destruction.
Initiate and lead on-going information security maturity assessment processes and training.
Work with Corporate Security to provide guidance, recommendations and oversight for the identification, triage and response of events or incidents of apparent security incidents for diagnosis of possible breaches.
Produce and review key performance indicators for implemented security measures and distribute KPIs.
Maintain knowledge of threat landscape by monitoring threat intelligence, and other related sources.
Keep management apprised of impending areas of concern, verbally and in writing.
Escalate and manage compliance issues as they arise.
Work with business unit compliance teams, data owners and process owners to educate and refine controls.
Compile documentation that supports program implementation and management.
Provide support to business units in connection with proposal response.
Serve as business unit compliance point of contact for compliance escalations, ensuring CMMC and other control frameworks are implemented and met.
Provide guidance and support in connection with business unit response to external audits.
Strong ability to work independently as well as providing situational leadership as part of a team
Previous experience performing IT audits, risk assessments or other similar Information Security and Information Risk functions
Ability to work independently in a dynamic, unstructured environment
Strong process orientation and ability to develop and follow standard work; attention to detail
Organizational skills to manage multiple competing priorities and deadlines in a fast-paced working environment
Minimum of 9 years' experience in information technology
Minimum of 5 years' experience in IT security assessment or IT compliance
High School diploma or GED
This position is subject to the International Traffic in Arms Regulations (ITAR) which requires U.S. person status. ITAR defines U.S. person as an U.S. Citizen, U.S. Permanent Resident (i.e. 'Green Card Holder'), Political Asylee, or Refugee.
Bachelor's degree from an accredited college or university
Cloud computing security
Security governance and policy
Security risk analysis
Logging and monitoring systems
Scanning and vulnerability management systems
Advanced Malware Protection
Strong written and oral communication skills
Strong project management skills
Candidates who can work from any Howmet Engines Systems location may be considered.
Equal Opportunity Employer–minorities/females/veterans/individuals with disabilities/sexual orientation/gender identity
Please see job description for required skills.