Job Accountabilities

Crown Holdings, Inc. is a global leader in the design, manufacture, and sale of packaging products for consumer goods. At Crown, we are passionate about helping our customers build their brands and connect with consumers around the world. We do this by delivering innovative packaging that offers significant value for brand owners, retailers, and consumers alike. With operations in 47 countries employing over 33,000 people and net sales of over $11 billion, we are uniquely positioned to bring best practices in quality and manufacturing to our customers to drive their businesses locally and globally. Sustaining a leadership position requires us to build a team of highly talented, dedicated, and driven individuals.

Summary of Position:

The Information Security Program Manager is an integral member in planning and executing the organization’s information security strategy. This role will manage and coordinate Information Security projects across Crown globally.  Will be responsible to ensure security vendors and contractors are adhering to statement of work (SOW) deliverables, maintaining vendor relationships, will assist in security budget and administration functions related to delivering Crown security program to the organization. This position will partner with and collaborate alongside divisional and global leadership including peer Project Managers and third-party security partners to ensure security initiatives are effectively implemented and operated.  Prepares and coordinates budget forecasting, execution, and reviews as needed. Additional duties include managing all cyber threat intelligence reporting, ensuring proper analysis, assignment, and cataloging.

Responsibilities:

• Responsible to plan, manage and deliver security projects to the organization on time, with quality, security, and on budget
• Coordinate cybersecurity projects with external vendors
• Responsible to review monthly contract and vendor contractual deliverables to ensure the organization has received the value from the investments
• Tracks external cyber threat intelligence ensuring proper collection, logging, and associated impact analysis
• Perform quarterly key third party contract review (initial, quarterly business reviews, expirations, and vendor evaluation reports); tracks key third party subscription dates
• Organize information security meetings and program reviews to collect feedback and directional guidance
• Assist in the research, recommendation, and implementation of new information security systems and controls
• Support development, design, implementation, integration, and on-going maintenance of systems, applications, processes, security solutions and technologies, based on business and technical requirements
• Actively participate in developing the goals, strategy, and methodologies of the organization’s cyber program in alignment with the overall Information Security program strategy
• Assist in the development of security policies, standards, procedures, and guidelines

Job Requirements

• Bachelor’s Degree in Information Systems, Computer Science, Engineering, or other related fields required 
• PMP certification is desired but not required for this role
• Active security certifications preferred:  CISM, CISSP, CCNA, CCNP or other similar certifications
• Operational, technical, or product management experience in one or more of the following key disciplines: SEIM, Data Protection, Network Security, End Point Security, Forensics, Fraud, or Threat Intelligence
• Knowledge of or work experience in implementing projects that follow an Information Security framework such as NIST Cyber Security Framework, ISO 27001, 27002. 
• Working knowledge of MITRE ATT&CK, or Lockheed Kill Chain methodology
• Knowledge of Security Standards and how they may apply to IT and OT environments
• 3+ years in a cybersecurity project manager role; experience managing project delivery of cybersecurity projects
• Basic working knowledge / experience working with Security Information Event Management (SIEM), Continuous Monitoring, Intrusion Detection/Prevention Systems (IDPS/PS), Network, Incident Response, Endpoint Security Systems, Threat Modeling

Core Competencies:

• Natural passion for security and strong drive to see both projects and investigations to completion
• Proven leadership skills including effective oral and written communication, performance management, issue resolution, negotiation, motivating and influencing team members, forecasting, and planning
• Excellent verbal, written, and presentation skills
• High level of personal integrity, and the ability to professionally handle confidential matters
• Have strong written and oral communication skills with the ability to explain technical ideas to non-technical individuals at any level
• Functional technical knowledge of infrastructure, networking, architecture, security, and applications
• Understanding of budget operations, cycles, processes
• Meet project implementation targets
• Highly organized and task oriented.
• Advanced problem solving and troubleshooting skills.
• Ability to prioritize and assign tasks.