New

Director of Cybersecurity Continuous Control Monitoring

Cox
parental leave, paid time off, paid holidays, sick time, 401(k)
United States, Georgia, Atlanta
6205 Peachtree Road (Show on map)
Jan 19, 2025
The Director of Continuous Control Monitoring will be responsible for leading the strategy, development, implementation, and oversight of a platform that will continuously monitor and report on the state of Cox Automotive's critical cyber controls. The scope of this role is Cox Automotive wide and includes both enterprise and product technologies as well as both domestic and international business units. This leader will direct the strategy and day to day operations of the cybersecurity team's continuous control monitoring platform for measurement of ongoing compliance to Cox Automotive's critical cyber controls. This role will collaborate with cross-functional teams, including engineering, risk management, and compliance, to ensure alignment with cybersecurity and regulatory requirements. This role will directly report to the Senior Director of Vulnerability Management and Continuous Control Monitoring. Primary Responsibilities: Define and execute the vision and strategy for our continuous control monitoring platform and data model that supports our overall critical cybersecurity objectives and priorities. Brief leadership on the state of critical cybersecurity controls including providing insights into compliance trends and impact of strategic investments of the cybersecurity program. Drive strategic alignment between cybersecurity and enterprise and product technology teams on the development of appropriate scoring algorithms and measurement criteria, including defining and setting policies where needed. Lead and mentor a team of engineers who are responsible for developing, testing, and maintaining the continuous control monitoring platform and related data models that integrate data from various cybersecurity and technology sources to report on the current state of Cox Automotive's critical cyber controls. Drive alignment with engineering and architecture leaders, other cybersecurity leaders, and broader Cox Automotive Product and Technology Group leaders to ensure security requirements for metadata or technical integrations necessary to provide relevant critical cyber control reporting to all layers of the organization. Design and build consumable and audience appropriate reporting of the state of critical cyber controls for consumption by engineering teams, engineering team managers and directors, cybersecurity leaders, and senior technology and business leaders. Engage with business leaders to ensure understanding and support of cybersecurity strategy, priorities, and initiatives. Lead and coordinate large-scale information security projects, including implementation and delivery of correlating overall cybersecurity analytics and reporting, workflow and orchestration solutions. Identify, propose, and influence business solutions, negotiate deliverables and requirements across multiple business customers or organizations. Partner with other functional groups to develop, manage, track, and analyze operational support structures, tools, methods and procedures to improve process efficacy, inter-team communications, and the customer experience. Provide leadership and strategic direction for the function, including budgeting capital and operating expenses. Oversee and lead contract negotiations and vendor management for continuous control monitoring and other security capabilities as appropriate. Working knowledge/experience of network systems, security principles, and applications. Fundamental understanding of defense-in-depth and intelligence-driven strategies. Develop a training program to ensure ongoing education of continuous control monitoring resources. Minimum Qualifications: Bachelor's degree in a related discipline and 10+ years of experience required in the field of information security with a demonstrated path of increasing scope and management responsibilities. The right candidate could also have a different combination, such as a master's degree and 8 years' experience; a Ph.D. and 5 years' experience in a related field; or 14 years' experience in a related field. 5+ years managing or leading an Information Security function with direct reports Ability to drive consensus and collaboration among many diverse teams, individuals and functional groups to achieve desired business results. Excellent interpersonal, leadership, presentation, and collaborative skills to work effectively with teams throughout organization. Demonstrated track record of both project and operational delivery. Demonstrated knowledge and expertise in governance, risk management, and cybersecurity frameworks and standards (e.g., NIST, ISO, CIS, OWASP). At least one relevant industry certification - CISSP, SANS GIAC, C\|EH, CISM, CRISC, CISA, CPA. Preferred Qualifications: Advanced degree (MBA / MS). 5+ years of experience in a senior management role. Cybersecurity experience in critical infrastructure industries (i.e. telecommunications, financial services, defense or government). USD 159,400.00 - 265,600.00 Compensation: Compensation includes a base salary of $159,400.00 - $265,600.00. The base salary may vary within the anticipated base pay range based on factors such as the ultimate location of the position and the selected candidate's knowledge, skills, and abilities. Position may be eligible for additional compensation that may include an incentive program. Benefits: The Company offers eligible employees the flexibility to take as much vacation with pay as they deem consistent with their duties, the company's needs, and its obligations; seven paid holidays throughout the calendar year; and up to 160 hours of paid wellness annually for their own wellness or that of family members. Employees are also eligible for additional paid time off in the form of bereavement leave, time off to vote, jury duty leave, volunteer time off, military leave, and parental leave. Applicants must currently be authorized to work in the United States for any employer without current or future sponsorship. About Cox Automotive At Cox Automotive, people of every background are driven by their passion for mobility, innovation and community. We transform the way the world buys, sells, owns and uses cars, accelerating the industry with global powerhouse brands like Autotrader, Kelley Blue Book, Manheim and more. What's more, we do it all with an emphasis on employee growth and happiness. Drive your future forward and join Cox Automotive today! About Cox Cox empowers employees to build a better future and has been doing so for over 120 years. With exciting investments and innovations across transportation, communications, cleantech and healthcare, our family of businesses - which includes Cox Automotive and Cox Communications - is forging a better future for us all. Ready to make your mark? Join us today! Benefits of working at Cox may include health care insurance (medical, dental, vision), retirement planning (401(k)), and paid days off (sick leave, parental leave, flexible vacation/wellness days, and/or PTO). For more details on what benefits you may be offered, visit our benefits page . Cox is an Equal Employment Opportunity employer - All qualified applicants/employees will receive consideration for employment without regard to that individual's age, race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender, gender identity, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law. Cox provides reasonable accommodations when requested by a qualified applicant or employee with disability, unless such accommodations would cause an undue hardship. Statement to ALL Third-Party Agencies and Similar Organizations: Cox accepts resumes only from agencies with which we formally engage their services. Please do not forward resumes to our applicant tracking system, Cox employees, Cox hiring manager, or send to any Cox facility. Cox is not responsible for any fees or charges associated with unsolicited resumes.