Loading...
Share this Job

With over 80 years as an industrial technology leader, Kennametal Inc. delivers productivity to customers through materials science, tooling and wear-resistant solutions. Customers across aerospace, earthworks, energy, general engineering and transportation turn to Kennametal to help them manufacture with precision and efficiency. Every day approximately 10,000 employees are helping customers in more than 60 countries stay competitive. Kennametal generated nearly $2.4 billion in revenues in fiscal 2019. Learn more at www.kennametal.com. Follow @Kennametal: Twitter, Instagram, Facebook, LinkedIn and YouTube.

Global Job purpose (A brief statement indicating the basic purpose of the job)

 

The Risk, Compliance, & InfoSec Team Member conducts essential risk management activities for Kennametal. This is accomplished by executing risk assessments and supporting Kennametal’s information classification and protection efforts.  In addition, the Team Member is instrumental in helping ensure Kennametal remains aware of and meets compliance requirements.  The jobholder will be responsible for leading assessments, conducting risk analysis and monitoring mitigation plans.

 

 

Geographical scope

Global

 

Major tasks and responsibilities

 

  • Serve as a technical resource for structured cybersecurity risk assessment and analysis
  • Consult and guide Kennametal business partners on information classification and labeling
  • Provide input to information protection controls, including Data Loss Prevention technologies
  • Monitor and consult on risk treatment

 

Risk Management

  • Conduct structured risk assessments
  • Develop risk mitigation status reports
  • Provide qualified guidance on SOC alerting conditions and necessary data sources

 

Information Security

  • Identify confidentiality, integrity, and availability requirements of Kennametal data and information
  • Build security controls commensurate with information security requirements
  • Consult on information classification and labeling efforts

 

Cybersecurity Compliance Management

  • Research and investigate laws and compliance requirements related to information security, including data privacy, data protection, and data breach disclosure

 

Other Areas of Effort

  • Support the achievement of the Global IT Strategy

 

Work relations

Internal:

  • Global Business stakeholders (process owners, key users, management)
  • Teams and team/department leads within IT

 

Qualifications (Education, skills, experiences)

  • B.S in information assurance (or related field) with minimum of 3 years’ experience
  • Practical experience with risk assessments (e.g., FAIR, OCTAVE, NIST 800-30, others)
  • Experience with managing global compliance requirements (e.g., GDPR, SOX, Chinese Cybersecurity laws, US data breach disclosure)
  • Understanding of ITIL/ service management concepts
  • Exemplary verbal and written communication skills (English business fluent spoken and written)
  • Demonstrated ability to think strategically and perform detailed, complex analysis and data interpretation
  • Effective interpersonal skills, out-of-the-box thinking and ability to interface with all levels of staff
  • Ability to work under pressure and deal with ambiguous situations
  • Ability to travel globally

 

Ideal, but not required

  • Experience in a global corporation
  • Experience with enterprise risk management and structured risk assessment programs
  • Experience with enterprise information security, including information classification programs
  • Experience with Data loss Prevention technologies
  • Certified Information Systems Security Professional (CISSP) certification or equivalent
  • Experience with managing global compliance requirements related to cybersecurity and data privacy, with specific focus on ITAR/800-171/CMMC, ISO27001, GDPR and other data privacy regulations

 

Kennametal is an Equal Opportunity Employer 


Job Segment: Engineer, Social Media, Information Systems, Database, Materials Science, Engineering, Marketing, Technology, Science