Associate Director of Technology and Cyber Security

Job Description

Global Manufacturing firm is looking for a AD of Technology and Cyber Security to own and leads the global cybersecurity and assurance program, partnering closely with Corporate IT to harden their posture, and give senior leaders clear, defensible opinions on control effectiveness and risk. Translate findings into scalable fixes and
measurable outcomes across 300+ facilities. Provide assurance on the integrity, reliability, and resilience of our technological environment and works directly with operations to ensure a strong, measurable security posture. This strategic assurance leadership role ensures the integrity, security, and compliance of the company's IT infrastructure,information systems, and operational technology (OT) environments, while positioning the audit function as a valuable business
partner and talent pipeline for the organization. The ideal candidate pairs an executive-level analytical mindset with deep technical acumen to govern risk across our global footprint-spanning digital assets, systems, and data. This leader brings a strong command of security architecture, network security, and modern infrastructure, and excels at turning risk insights into actionable, scalable controls. Working cross-functionally and across regions, the Director identifies emerging threats, prioritizes remediation, implements appropriate controls, and provides clear, authoritative guidance on cybersecurity best practices. Role reports to the VP of Internal Audit and serves as a trusted advisor to senior technology leaders across the Company, helping to strengthen company's global control environment through thoughtful risk insights and strategic influence
Key Responsibilities:
Strategic Assurance Planning & Risk Management
? Execution of global system-wide risk management function of the information security program to ensure emerging
information security risks in a dynamic manufacturing environment are identified.
? Conduct ongoing evaluations of IT risks, including cybersecurity, cloud infrastructure, data governance, business
continuity, and manufacturing-specific operational technology risks
? Provide expert advisory services and control consultation for major technology initiatives, including new manufacturing site integrations, ERP transformations, and M&A activities
Audit Execution & Compliance
? Oversee the team responsible for delivering risk-based audits and consulting engagements across company's diverse technology ecosystem, fostering a collaborative, agile, and growth-oriented environment
? Oversee the planning, execution and documentation of IT and OT audit engagements in accordance with professional standards (IIA, COBIT, NIST, SOX) and company policies using an integrated audit approach which concentrates on high-risk areas, and review of both IT operational and cyber security controls.
? Ensure consistent application of audit processes for both traditional IT and manufacturing-specific process control systems (PCS) in all operating regions.
? Advise on architecture, identity, network segmentation/zero trust, endpoint/EDR, patching, encryption, logging/SIEM, and backup/recovery
? Assess Operational Technology (OT) controls with a manufacturing focus, vendor/supplier cyber risk, and plant connectivity risks
? Use evidence (telemetry, SIEM, EDR, network logs) to determine incident scope; advise on containment/eradication/recovery and lessons-learned controls
? Produce executive reporting and concise dashboards and reports that quantify risk reduction, control maturity, and audit ROI
Leadership & People Development
? Recruit, lead, mentor, and develop a globally dispersed team of IT audit professionals, fostering a culture of continuous improvement, accountability, and professional growth
? Co-source where it accelerates expertise and coverage
? Build and maintain strong, collaborative relationships with business unit general managers and controllers, group and division management, and corporate function heads (Legal, Compliance, Finance)
? Drive the adoption of audit technology, data analytics, automation, and continuous monitoring techniques to enhance audit coverage and efficiency
Qualifications:
? 10+ years of advanced IT skills with expertise in information security.
? Strong analytical skills for trend detection, issue analysis, and solution development.
? Bachelors or Master's degree in Information Systems, Computer Science, Cybersecurity, or related field.
? 5+ years in IT infrastructure, network administration, or system engineering focused on security
? IT security and auditing experience
? Deep understanding of security principles, protocols, and best practices.
? Preferred certifications: Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM).
? Familiarity with security frameworks and compliance standards: ISO 27001, COBIT, COSO, NIST, GDPR, PCI DSS
? Understanding of network, ERP systems, databases, and IT application controls
? Organizational and project management skills
? Ability to apply a global perspective to ensure audit coverage reflects regional nuances and local regulatory requirements
? Effective, independent and strong team worker
? Written and verbal communication skills
? Excellent communication and report writing skills
? Up-to-date knowledge of cybersecurity trends, techniques, seminars, and news.
? Attention to detail, QA skills, proactive problem-solving abilities
? Experience with hardware, software, networks, data centers, and systems related to cybersecurity
? 25%-50% travel required

Opening Doors to Incredible Opportunities:
For over two decades, Capstone has been working with elite organizations from Fortune 500s to start-ups in some of the most competitive market sectors. Because of our deep connections, we're able to match you with the most relevant and prestigious career opportunities available - whether you're an executive or manager, we'll help you reach your professional goals.

Protect Yourself from Job Scams

We've seen an increase in scam attempts targeting job seekers. Please know that our team will never request sensitive personal information-such as your Social Security number or banking details-outside of our secure onboarding system. This system is the only method we use to collect the information necessary for employment.

All official communication will come from verified company email addresses or phone numbers. If something seems suspicious, trust your instincts and don't engage. Learn how to spot job scams and protect yourself here.

Equal Opportunity Employer:
Capstone provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. We celebrate diversity and are committed to creating an inclusive environment for all employees. Capstone will provide reasonable accommodations for people with disabilities in all parts of the hiring and employment process.

---