|Location:||Cleveland, OH||Country:||United States||Job Code:||3027||Position Type:||Salary|
Founded in 1847,
Cleveland-Cliffs Inc. is the largest and oldest independent iron ore mining company in the United States. We are a
major supplier of iron ore pellets to the North American steel industry from our mines and pellet plants located
in Michigan and Minnesota. By 2020, Cliffs expects to be the sole producer of hot briquetted iron (HBI) in the
Great Lakes region with the development of its first production plant in Toledo, OH. Driven by the core values of
safety, social, environmental and capital stewardship, our employees endeavor to provide all stakeholders with
operating and financial transparency. For more information, visithttp://www.clevelandcliffs.com
Thank you for your interest in exploring a career opportunity
with Cleveland-Cliffs. Our Career site is updated daily with new opportunities, so please check back
Summary of Principle
Reporting to the Director of Enterprise
Services, the Manager Security Services provides strategic vision and architectural guidance on the design
formulation, integration, maintenance, and life cycle management of all enterprise security solutions and
This position is responsible for
coordinating the configuration, installation, optimization, and daily operation of the software and infrastructure
components that comprise the enterprise security footprint at Cliffs, as well as ensuring the security and
compliance of all information technology assets.The manager is also responsible for guaranteeing that the
appropriate monitoring tools and metrics are in place to measure and meet standards.
The manager will evaluate new
technologies, propose new services and solutions, and is responsible for the timely refresh of existing hardware
and software. The manager also formulates business cases, provides budgetary guidance, and works with project
management and associated teams to ensure the successful implementation of projects.
This position is responsible for
engaging in vendor negotiations and maintaining key relationships. The manager develops yearly capital and expense
budgets and ensures the adherence to those budgets.
The manager is accountable for the
creation of training and development plans for all direct reports. Strong leadership, coaching and mentoring
skills are a prerequisite.
Specific Responsibilities/Essential Functions
- Performs strategic planning,
evaluation, certification, and sets direction for all security related software, hardware, and
- Estimates and budgets
- Shares knowledge and develops skills
of team members through coaching and feedback.
- Designs, implements, recommends, and
supports security standards.
- Continues to increase the security posture of the company by
leveraging the enterprise Security Event and Incident Management tools (SIEM), perimeter email defense,
vulnerability management platform, anti-virus, intrusion detection, and password/account management
- Manages and ensures the effectiveness of each enterprise security
solution and service.
- Oversees the annual Disaster Recovery Test from a security and
- Coordinates the annual penetration
tests conducted at corporate and mine site locations.
- Works with leadership to create and
enforce a formal enterprise security strategy.
- Maintains and modifies the IT
Incident Response Plan and coordinates incident response exercises each year with IT and key business
- Manages all initiatives and
activities related to security remediation tasks.
- Manages and maintains the Active
Directory environment, while promoting and enforcing the philosophy of least privileged
- Initiates and maintains contact with
vendor representatives for technical support, maintenance, upgrades, and availability
- Acquires and maintains knowledge of
current Cleveland-Cliffs Inc. standards, policies, procedures and audit requirements. Communicates with intra and
inter-department team members as required, as well as members of technical and project management teams. Fulfills
administrative and technical leadership duties as required.
- Takes a leadership role in
projects/initiatives and works within the established PMO framework.
- Analyzes, designs, and implements
cost-effective solutions to complex business problems according to user specifications.
- Monitors and identifies capacity and
performance issues to ensure continued, uninterrupted operation of systems.
- Modifies and optimizes security
systems to accommodate additional service needs or required changes.
- Works with business partners to
establish service level agreements based on user requirements.
- Effectively allocates resources
(technology and personnel) based on requirements, available capacity, and future growth.
- Conducts testing and development of
disaster recovery plans to detect faults, minimize malfunctions, and ensure recovery of security related
- Stays up-to-date with current threat
landscape and provides strategic assessments to address threats as they occur.
- Administers all contracts for
security software, equipment, and services.
- Prepares budget recommendations,
analyzes invoices, performs usage audits and makes cost saving recommendations.
- Manages and provides on-going
guidance to develop members of the team.
- Performs additional duties as
directed by the Director of Enterprise Services.
- Bachelor’s Degree in Information Systems, Computer Science
or an equivalent degree.
- Certification in one or more of the
- CISSP, CISM, CISA,
- Manufacturing industry experience is preferred; mining experience
is a plus.
- 10+ years of security experience within a corporate IT
- 5+ years of experience with
personnel management, serving as a CISO or Security Manager.
- Proven experience documenting systems configurations, processes
- Ability to communicate with and
understand the needs of non-technical constituents, both internal and external.
- Fundamental understanding of information technology and best
security practices and standards.
- Familiarity with the following
technologies: Identity Management and authentication platforms, authorization, password and privilege management,
access control, next generation firewalls (Palo Alto), virtual private networking, and computer network defense,
firewall and router configuration, switches, secure network architecture, PKI, IPSEC, SSL, SSH, SMTP, FTP, WAN,
Radius, F5, Sniffer technologies, modern Windows Operating Systems (2012-19/, 7-10), modern Linux based Operating
Systems (Red Hat, Oracle Linux), Vulnerability Management platforms (Qualys), Office 365, Active Directory,
- Ability to research, prepare, and present cost estimates, budget
reports, capacity forecasting, and systems upgrade recommendations.
- Ability to read and interpret technical documents and procedure
- Strong interpersonal skills, oral
communication skills, and proven analytical and creative problem-solving abilities.
- Strong customer service orientation.
- Experience working in a team-oriented, collaborative
- Successful candidate must be detail
oriented, well organized, assertive, and be able to manage multiple tasks simultaneously.
- Excellent written and verbal communication
- Outstanding presentation skill to
other team members and to management team.
- Leadership and strong interpersonal
skills; results-driven, team player
- Creative problem solving and
- Candidates should be highly motivated and willing to learn new
practices as required.
- Must be able to effectively communicate with customers, peers and