Chief Information Security Officer

ABOUT US

PHINIA: Advancing sustainability today powering a cleaner tomorrow.

PHINIA is an independent market-leading premium solutions and components provider with over 100 years of manufacturing expertise and industry relationships with a strong brand portfolio that includes DELPHI DELCO REMY and HARTRIDGE. With over 12500 employees across 43 locations in 20 countries PHINIA is headquartered in Auburn Hills Michigan USA.

At PHINIA we Provide fuel systems electrical systems and aftermarket products and solutions of the highest quality developed and manufactured responsibly that are designed to enhance efficiency and reduce the environmental impact of vehicles industrial machinery and other doing so we contribute to a cleaner tomorrow treat our people and surrounding communities with respect and hold ourselves accountable to robust ethical standards.

Our Culture

PHINIA promotes and cultivates an inclusive culture and diverse perspectives strives to maintain its reputation for excellence thrives on the power of collaboration and fosters the development of our talented employees. We believe in making a positive impact through our business and actions and we take our collective responsibility seriously.

Career Opportunities

We believe in building a brighter tomorrow for our employees as well as our customers and encourage you to learn about our long history strong culture new technologies and future vision. We offer a strong local presence and interesting global opportunities. Join us on this shared journey toward a brighter tomorrow.

JOB PURPOSE

KEY RESPONSIBILITIES

Key responsibilities

1. Manage Governance & Build Knowledge

• Lead the ongoing refinement of PHINIAs cybersecurity governance practices and processes in connection with PHINIAs enterprise risk management program.
• Provide regular reporting to senior leaders on cyber risk posture program priorities and enhancements and emerging threats.
• Develop socialize and maintain cybersecurity policies processes standards and guidelines (including the Incident Response Plan); drive alignment across IT OT cloud and thirdparty environments.
• Direct enterprisewide security awareness and behaviorchange programs establishing effectiveness metrics and driving measurable culture improvements.
• Ensure cybersecurity requirements are integrated into key vendor contracts in partnership with Legal Procurement and Vendor Management.
• Champion crossfunctional alignment including among Privacy Legal Risk Compliance HR Internal Audit and business continuity stakeholders.

2. Lead & Enhance the Cybersecurity Function

• Lead a global cybersecurity organization overseeing hiring background checks training development performance management and succession planning.
• Refine the cybersecurity operating model ensuring it aligns to enterprise strategy digital transformation initiatives risk management expectations and the changing cyber landscape.
• Manage the cybersecurity budget ensuring costeffective investment strategies and clear ROI on security capabilities.
• Build an internal Security Champion program to extend security expertise and accountability across all business units and geographies.

3. Set Strategy Aligned to Business Priorities

• Develop and maintain a cybersecurity vision roadmap and multiyear strategy that supports PHINIAs business goals digital future and regulatory obligations around topics such as disaster recovery and contingency planning configuration and/or asset management and third party risk management.
• Lead enterprisewide risk assessment processes enabling business leaders to make informed decisions within the agreed risk appetite.
• Address shadow IT (citizen IT) by operationalizing onboarding and control processes to mitigate risks from nonIT managed environments.
• Partner with manufacturing and engineering teams to implement cybersecurity protections tailored to industrial and operational technology (OT) environments.

4. Enhance Cybersecurity Frameworks & Controls

• Enhance alignment with certain cybersecurity frameworks such as ISO 27001 NIST CSF/80053 ITIL COBIT ENISA or ISA62443 based on PHINIAs business model and regulatory landscape.
• Own the unified riskbased control framework to harmonize global legal regulatory and industry requirements (e.g. SOX GDPR TISAX).
• Maintain an uptodate document ecosystem of policies standards operating procedures and guidelines.
• Monitor and further develop enterpriselevel metrics and KPIs used to track cybersecurity program maturity resource allocation and security effectiveness.

5. Build Internal & External Networks

• Foster strong relationships across IT manufacturing engineering HR Legal Internal Audit Privacy and Compliance to ensure alignment and embed cyber requirements early in business processes.
• Maintain external partnerships with industry peers vendors law enforcement threat intelligence groups and relevant regulatory bodies.
• Partner with Enterprise Architecture to ensure security architecture principles are built into all platforms and modernization efforts.

6. Operate the Cybersecurity Function

• Ensure privacy requirements are integrated into cybersecurity processes in partnership with the Chief Compliance Officer.
• Establish and manage endtoend cybersecurity risk compliance and regulatory assessments ensuring timely remediation of findings.
• Embed security into the technology delivery lifecycle through secure design threat modeling and security testing practices.
• Lead cybersecurity incident management ensuring rapid containment cross-functional collaboration coordinated response pursuant to the Incident Response Plan transparent communication and effective recovery.
• Monitor global threat conditions and advise senior leaders and others on mitigation strategies.
• Proactively identify information security deficiencies and/or opportunities for improvement to better enable business security at the global level. Lead the development of pragmatic solutions across the enterprise.
• Oversee resilience and business continuity alignment recognizing that PHINIAs operations span global distributed ecosystems.
• Maintain inventories of information assets cloud services and thirdparty digital connections.

Key Job Skills and or competencies

Education & Experience

• Bachelors or masters degree in computer science cybersecurity information systems business administration or a related field.
• Minimum 10 years of experience across cybersecurity IT and risk management including at least 5 years in a senior leadership role.
• Strong track record of leading cybersecurity programs in global dynamic manufacturing or industrial environments.
• Certifications preferred but not required: CISSP CISM CISA CRISC or comparable credentials.
• Experience with contract negotiations supplier risk management and global security operations.

Technical & Business Expertise

• Deep knowledge of information security frameworks (ISO 27001 NIST CSF/80053 ITIL COBIT) and regulatory requirements (SOX GDPR TISAX and industryspecific standards).
• Strong understanding of enterprise architecture cloud security OT/ICS security identity and access management and emerging technology risks.
• Proficiency with SIEM IDS/IPS firewalls endpoint security vulnerability management cryptography and cloud security tools.
• Uptodate awareness of cybersecurity trends digital business models and evolving risk landscapes.

Leadership & Behavioral Competencies

• Visionary leader able to bridge business and technology influencing without relying on formal authority.
• Exceptional communication skills capable of informing boardlevel decisions and simplifying complex risk topics for nontechnical stakeholders.
• Exceptional project management skills capable of leading the design and implementation of enterprise wide projects and driving cross-functional alignment
• Strong collaboration stakeholder management and changeleadership skills.
• Ability to drive accountability foster a securityfirst mindset and motivate teams across dotted and functional reporting structures.
• Demonstrated business acumen and the ability to align security strategies with enterprise goals.

WHAT WE OFFER

We provide compensation and benefits programs intended to attract motivate reward and retain an incredibly talented globally diverse workforce at all levels within our organization. Our compensation programs are informed by market data and business needs and we are committed to providing equitable and competitive compensation. We are committed to providing our team with quality and competitive benefit programs including health and well-being resources family-centric policies and an agile workplace program where not precluded by collective bargaining agreements or national statutory plans. Plans are benchmarked for competitiveness and value.

We provide formal development opportunities at all levels and stages of employee careers. These opportunities are delivered in a variety of formats to make our portfolio of solutions agile sustainable and scalable to support our employees in developing the skills needed to succeed.

WHAT WE BELIEVE

• Product Leadership - Innovation that brings value to our customers

• Humility - Seeking out diverse perspectives and working collaboratively

• Inclusivity - Recognizing our differences makes us stronger; we are bold and intentional

• Net-Zero - Committed to energy efficiency waste reduction and beneficial reuse

• Integrity - Taking responsibility for our decisions and doing what is right

• Accountability - Taking ownership of our actions and driving results

SAFETY

You will consistently hear us say Safety First! We are committed to continually improving our strong safety performance supporting the health and wellness of our employees!

We also believe employee health and safety is everyones responsibility. We encourage safety learning and collaboration to help employees understand and follow applicable safety policies standards and procedures and identify opportunities to minimize or eliminate risk. Work is expected to be conducted in a manner that stresses the importance of preventing incidents and illnesses including attending all required safety meetings and trainings. It is expected that all incidents near misses and unsafe conditions are immediately reported to the direct manager Human Resources or Safety Representative.

EQUAL EMPLOYMENT OPPORTUNITY

PHINIA is an equal employment opportunity employer such that all qualified applicants will receive consideration for employment without regard to race color age religion sex sexual orientation gender identity/expression national origin disability or protected veteran status.

VISA SPONSORSHIP

PHINIA does provide sponsorship for employment visa status based on business need. However for this role applicants must be currently authorized to work on a full-time basis in the country where the position is currently based.

NO UNAUTHORIZED REFERRALS FROM RECRUITERS & VENDORS

Please note that PHINIA does not seek or accept unsolicited resumes or offers from third party recruiters or staffing agencies associated with any published or unpublished employment opportunities. Any unsolicited information sent to PHINIA will be considered as unencumbered and free from any fee or charge whatsoever. Only members of our Human Resources Team have the authority to engage or authorize recruiting services which must be agreed upon before the unsolicited resume or offer is received.

GLOBAL TERMS OF USE AND PRIVACY STATEMENT

Carefully read the PHINIA Privacy Policy before using this website. Your ability to access and use this website and apply for a job at PHINIA are conditioned on your acceptance and compliance with these terms.

Please access the linked document by clicking here select the geographical area where you are applying for employment and review.

Before submitting your application you will be asked to confirm your agreement with the terms.

Career Scam Disclaimer:

PHINIA makes no representations or guarantees regarding employment opportunities listed on any third-party website. To protect against career scams job applicants should take the necessary precautions when interviewing for and accepting employment positions allegedly offered by PHINIA. Applicants should never provide their national ID numbers birth dates credit card numbers bank account information or other private information when communicating with prospective employers or responding to employment opportunities online. Job applicants are invited to contact PHINIA through PHINIAs website to verify the authenticity of any employment opportunities.

Advancing sustainability today powering a cleaner tomorrow. Join us on this shared journey to a brighter tomorrow. For more information about PHINIA please visit .