Full-time on-site relocation if needed CYBER VULNERABILITY & INVESTIGATIONS MANAGER – 104433
Location: Pittsburgh, Pennsylvania with paid relocation if needed onsite with paid relocation if needed. Scheduled work-from-home days
Hybrid schedule, in office Mon, Wed, and Thur. Work from home Tue and Fri.
Industry: Manufacturing & Production
Job Category: Information Technology – Security
Howmet Aerospace is searching for a Cyber Vulnerability & Investigations Manager to join our Global Information Services (GIS) team in Pittsburgh, PA.
This position has global (domestic and international) accountabilities for all location operating units and GIS worldwide. This is an experienced position on the Corporate Information Security (CIS) team focusing on data loss prevention and critical professional support for the company’s eDiscovery and vulnerability activities and responsibilities. This role will participate in developing, deploying, and implementing new systems, technologies, and information solutions. This position will report to the Chief Information Security Officer (CISO).
Major Activities / Key Challenges:
Manage Vulnerability Management and Cyber Investigation, team
Provide industry best practices for vulnerability management and investigations practices
Assist the company’s ongoing eDiscovery and Legal Hold Processes
Facilitate eDiscovery coordination with data centers, custodians, HR, and the Legal department.
Coordinate an inventory of electronically stored data on removable media storage and document via a chain of custody forms.
Maintained the company’s Legal Hold Processes documentation.
Maintain a master list of legal holds by matter ID and hold status
Maintain the Data Loss Prevention program, training, and products
Experience with digital forensics processes and products
Provide reactionary support and/or preventive maintenance on the systems in assigned area(s) of responsibility, without supervision
Provide advice and counsel to the users of the systems in assigned area(s) of responsibility
Conduct Self-Assessment and Audit functions to ensure quality
Maintaining accurate inventories of removable media devices and chain of custody from point of collection to production
Packing and transferring electronic data to offsite secure storage or to outside litigators for production
Cataloging all evidence collected and produced/exported to outside counsel
Monitoring notices and reminders as sent over course of a hold, confirming received, when sent/received
Releasing electronically stored data when notified
Reviews security technologies, tools and services and makes recommendations to the broader security team for their use, based on security, financial and operational metrics
Provide monthly metrics of investigations and DLP incidents
Contribute to the development of annual budgets for the CIS team
Self-driven with an acute sense of urgency
Ability to create clear and concise investigative reports
Organizational skills and discipline to build and maintain structured plans
Experience with top-tier eDiscovery, DLP, Investigative and Forensic products
Ability to objectively view and assess cyber security alternatives
Interpersonal skills to manage often difficult or highly technical conditions
Results driven and accountable for actions
Works equally well whether independently or as part of a physical or virtual global team
Able to forge strong, trusting collaborative relationships
Ability to work with data of the highest sensitivity in complete confidence
Experience valuing a diverse workforce and inclusive work environment
Associates Degree from an accredited university
Minimum five years of experience in IT
Minimum three years of experience with eDiscovery, Legal Hold, and DLP
Employees must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of Hire. Visa sponsorship is not available for this position.
Ability to interact with internal and external customers, other analysts, and IT management
Security-related Certifications such as CECI, CHFI, GCFE, GLEG, etc.
Experience with NIST 800-171/CMMC knowledge