Head of Cyber Security (Hybrid)

NOVA Chemicals helps shape a world where products vital to our health and happiness are even better tomorrow than they are today. We are seeking talented and passionate people who enjoy working in a collaborative, innovative environment to join our dynamic team.

We are seeking a highly motivated individual to join our team as Head of Cyber Security. In this role you will be accountable for leading and overseeing NOVA’s cyber security and technology risk management program. The Head of Cyber Security leads a team of security professionals to provide cyber security governance, development of policies and procedures, and execution of programs and technologies to ensure best-in-class cyber security protection to manufacturing industry standards. The role will be an expert at technology risk management, and internal / external compliance and 3rd party supplier security management.

The Head of Cyber Security will facilitate and collaborate with business functions to ensure that technology initiatives across our business and technology functions are architected and delivered in a safe and secure manner.

What You Will Be Doing:

• Leads cyber security strategic planning and defines and coordinates the evaluation, deployment, and management of current and future security technologies using a risk-based assessment methodology.
• Develop, implement, maintain, and oversee security governance, policies, procedures, and associated plans across all IT systems following industry-standard best practices.
• Work closely with our Enterprise risk and compliance teams to ensure fit-for-purpose controls are implemented, tested, and continuously improved across key business systems.
• Accountable for facilitating internal audits and working with third-party auditors as needed to maintain compliance.
• Lead IT risk assessment and management processes across all IT systems. Ensure best practice and develop plans to mitigate unacceptable risks.
• Lead cybersecurity operations teams to establish and continuously improve cybersecurity controls such as proactive threat hunting, vulnerability and patch management, and event alerting and response management.
• Implement and lead the exercise of the incident response plans across all stakeholders.
• Assist with the design and implementation of disaster recovery and business continuity plans.
• Manage relationships and performance of key external vendors, particularly the Managed Security Services Providers (MSSP) to ensure effective security operations.
• Promote and oversee strategic security relationships between internal resources and external entities, including government, vendors, and partner organizations.
• Create a security culture across the entire organization through public speaking and employee training and awareness programs.
• Provides regular updates on the cyber security status, threats, and vulnerabilities to Senior Leaders, the Board Risk Committee and the full board of Directors on a periodic basis.
• Remain informed on trends and issues in the security industry, including current and emerging technologies. Remain informed on privacy trends and issues.

What We Are Looking For:

• The successful candidate will have a bachelor’s degree in computer science, Information Security, Engineering, or related field and at least 15 years’ related experience, including 5+ years of experience leading a corporate cyber security function.
• Experience with best practice cyber methodologies and standards such as National Institute of Standards and Technology (NIST) Cyber Security Framework.
• Knowledge of and experience managing information security assessments including penetration tests, physical / social engineering testing, internal network testing, policy / procedure reviews, application testing.
• A solid understanding of infrastructure, cloud and application architecture, security and network technologies including identity management, authentication, encryption and security threats and trends and their interdependencies.
• Strong understanding of audit / risk management methodologies and regulatory requirements pertaining to information security, privacy and / or data security.
• Effective organizational, presentation and communication skills with the ability to lead and drive change.
• Influential leadership abilities, coupled with direct leadership experience of staff to include feedback, coaching, motivation, and directing the work activities of direct reports.

The following will be considered an asset:

• Experience in Operational Technology and control systems.
• Certified Information Systems Security Professional (CISSP) certification and other relevant certifications (e.g., Certified Information Security Manager (CISM)).

You Can Stand Out If:

• You are passionate about your work and put care and thought into all that you do.
• You are responsible and follow through with your commitments to others and to safety.
• You are innovative and are willing to challenge your biases when problem solving.
• You are collaborative, inclusive, and work well with others towards team goals.

Additional Information:

• Relocation will be considered to the nearest geographical NOVA Chemicals' location for this position.
• Compensation will be commensurate with education and experience.
• This role requires up to 25% travel.
• The successful candidate is required to provide proof of a valid driver’s license.

Why NOVA Chemicals?

NOVA Chemicals’ flexible benefit programs are designed to meet the diverse needs of our employees, because when it comes to benefits, everyone has different priorities. Our benefits offerings will vary based on your work location, and are an element of the “Total Rewards” package used to reward employees.