Director, Information Technology Security in Livonia, MI at Masco

Date Posted: 11/18/2019

Job Snapshot

Job Description

Job Description

The Company:

Masco Corporation (NYSE:MAS) is one of the world’s largest manufacturers of brand-name products for the home improvement and building product markets. Masco is also a leading provider of a variety of building products and services.  Our home products include faucets, kitchen and bath cabinets, paints and stains, bath and shower units, spas, showering and plumbing specialties, windows and decorative hardware.  We have market leading brands in architectural coatings (Behr®, KILZ®), windows (Milgard®, Griffin®, Premier®), plumbing (Delta®, Hansgrohe®, Axor®, Brizo®, Bristan®, BrassCraft®, Cobra®), cabinetry (KraftMaid®, Merillat®, Quality®), bathing (Delta®, Peerless®, Mirolin®, Huppe®), and home hardware and other specialty products (Hot Springs Spas®, Brainerd®, Liberty Hardware®).  For more information on the Masco family of brands, visit www.masco.com.

The Position:

Director, Information Technology Security

This position has responsibility for coordinating and supporting governance and security efforts in collaboration with key stakeholders across the Masco enterprise, including cross-functional coordination of the governance and security aspects of Masco systems. The Director Information Technology Security position will help identify and operationalize risk management initiatives and standards that need to be applied to Masco’s operating environment.

Responsibilities: 

  • Support and drive the information technology security strategy and activities across the enterprise to ensure consistent and high-quality information security management in support of business goals.
  • Contribute to the definition, development, and oversight of a global network and endpoint security threat management strategy and framework.
  • Determine the information security approach and operating model in consultation with stakeholders and aligned with the risk management approach and compliance monitoring of nondigital risk areas.
  • Work effectively with business units to facilitate information security risk assessment and risk management processes and support them to own and accept the level of risk they deem appropriate for their specific risk appetite.
  • Assign and oversee resources on risk assessments, required controls definition, control procedure appropriateness, vulnerability assessments etc.
  • Provide regular reporting on the current status of the information security program to enterprise risk teams, senior business leaders and the board of directors as part of a strategic enterprise risk management program, thus supporting business outcomes.
  • With the participation of the CIO council, create and manage a unified and flexible control framework to integrate and normalize the wide variety and ever-changing requirements resulting from global laws, standards and regulations.
  • Consult with CIO council partners on Technology Controls and Information Security programs, policies, standards and incidents.
  • Create a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection of information assets.
  • Conduct comprehensive risk and control design assessments for an application portfolio, articulate and document impact of control gaps to the business and the overall Bank, risk mitigation and remediation plans, remediation strategy document or provide info security solutions to address risks.
  • Working closely with our business unit IT staff and leadership, manage and contain information security incidents and events to protect IT assets, intellectual property, regulated data and the company's reputation.
  • Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action.
  • Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the information security, and review it with stakeholders at the executive and board levels.
  • Ensure technology, processes and governance are in place to monitor, detect, prevent, and react to security threats against the business.
  • Ensure the IT business unit teams and enterprise follow internal policies and procedures, technology control standards and applicable regulatory guidelines.
  • Adhere to and advise on, oversee, monitor, enforce enterprise frameworks and methodologies that relate to technology controls / information security activities.
  • Facilitate and support the development of asset inventories, including information assets in cloud services and in other parties in the organization's ecosystem.

Experience & Qualifications:

  • Bachelor’s degree in Information Services or a related field of study.
  • 10+ years of relevant experience.
  • Relevant Information Security certifications (ex. CISSP, GIAC, MCSE, CEH, CHFI, CISA, CISM, CRISC, etc.)
  • Experience implementing security and compliance best-practice processes and procedures
  • Excellent communication, negotiation and organizational skills, including the ability to present options in business terms to both IT and business leaders.

Masco is an Equal Opportunity Employer with a culture that supports our commitment to diversity and inclusion.

Company

Default Company

Full or Part Time

Full time

Masco Corporation (the “Company”) is an equal opportunity employer and we want to have the best available persons in every job. The Company makes employment decisions only based on merit. It is the Company’s policy to prohibit discrimination in any employment opportunity (including but not limited to recruitment, employment, promotion, salary increases, benefits, termination and all other terms and conditions of employment) based on race, color, sex, sexual orientation, gender, gender identity, gender expression, genetic information, pregnancy, religious creed, national origin, ancestry, age, physical/mental disability, medical condition, marital/domestic partner status, military and veteran status, height, weight or any other such characteristic protected by federal, state or local law. The Company is committed to complying with all applicable laws providing equal employment opportunities. This commitment applies to all persons involved in the operations of the Company regardless of where the employee is located and prohibits unlawful discrimination by any employee of the Company.

Masco Corporation is an E-Verify employer. E-Verify is an Internet based system operated by the Department of Homeland Security (DHS) in partnership with the Social Security Administration (SSA) that allows participating employers to electronically verify the employment eligibility of their newly hired employees in the United States. Please click on the following links for more information.

E-Verify Participation Poster: English & Spanish
E-verify Right to Work Poster: EnglishSpanish

No visa sponsorship is available for this position, unless specified within the job description.


  • TN #IND