Director of Information Security

Job Description

At Landis+Gyr, we don't just manage energy-we lead the transformation toward a smarter and more sustainable energy future.

With a net revenue of USD 1.73 billion in FY 2024, and a presence in over 30 countries across five continents, Landis+Gyr empowers utilities and consumers to optimize energy usage through advanced metering, grid-edge intelligence, and powerful data analytics.

Today, our global team of about 6,300 professionals is shaping the digital energy era-developing innovative technologies that support decarbonization, grid modernization, and real-time energy insights. Our record USD 4.6 billion order backlog and strong book-to-bill ratio reflect long-term confidence in our mission and solutions.

Join us at Landis+Gyr, where we manage energy better!

Information security covers Policy Creation, management, and validation of security compliance across the Information Security, Cyber-Security, Physical Security, Supply Chain Security, Security in R&D, DR and Information Security Incident Management.

The roll will be based in the US and will provide Company wide Leadership and support to drive the implementation of Group Information Security policies, procedures and internal security auditing. The role will also be directly accountable for the management of all Information Security certifications (ISO27001, SSAE18, etc) through the support of site Information security managers.

Purpose and Objective

• Direct and manage the Global Information Security Team
• Own the development and implementation of the Group Information Security (IS) strategy for the company in close co-operation with key stakeholders such as Cyber Security, IT compliance, R&D and the information security resources at local entities.
• Accountable for all ISO27001, SSAE18, and all other security compliance certification implementation & ongoing management of compliance for the company
• Co-ordinate and harmonize IS processes and the Information security Management System (ISMS) across other sites
• Lead process to ensure business units comply to the ISO27001 standard and contribute to the wider improvement of the Group security framework.
• Supporting customer project teams in information security topics
• Responsible for ensuring all vendor and customer contracts align with the global information security compliance requirements.

Key Performance Indicators

• Successful implementation & ongoing compliance of ISO27001, SSAE, and all other security certifications for L+G sites
• Ownership and assurance of compliance with companywide security certifications
• Devise and implement an ISMS strategy and support towards having a harmonized L+G Global ISMS Framework
• Provide support and co-ordination during external audits and customer tender requests
• Satisfy business in Solution customer projects by providing security expertise for our Customer offerings (end to end)

Core Areas of Responsibility/Accountability

• Accountable for Managing and Leading the Global Information Security Team of 6-8 resources and a Direct report to the Chief Security Officer
• Accountable for implementation & managing 27001 and SSAE certifications
• Co-ordination responsibility of the ISMS
• Process owner and provider of subject matter expertise to the business on Information Security and information security certification
• Implementation of standardized IS controls within business processes
• Support the Business Management to make informed decisions regarding information security
• Coach, train employees in information security (incl. awareness)
• Manage & conduct internal 27001 and SSAE18 audits
• Develop reports (incidents, audits, risks, etc.) to support wider communication of the Info Sec.
• Perform internal information security audits
• Support and advise on customer requests for information security
• Support and advise for supplier relationships
• Satisfy business in Solution customer projects by providing information security expertise
• Some travel may be required

Required Experience

• Past experience managing security or information security teams
• Past experience in a similar international role.
• Past experience in implementing ISO27001 and SSAE18 within an organization
• Qualified lead auditor and preferably has pursued advanced qualifications such as CISA/CISM
• Good understanding and experience in implementing GDPR and DPIA will be a plus
• Experience in managing projects and virtual teams
• As this role will be a stand-alone/self-managed function, the position holder must be able to demonstrate influential abilities to gain buy-in and work with key stakeholders such as site management and IT.
• Ability to capture stakeholder requirements and be able to prioritize the work to fulfill these requirements and maintain compliance
• Ability to work in a matrix organization, employees of different nationalities and backgrounds

Educational / Professional or Vocational Qualifications

• Technical diploma or degree in engineering/ computer science/ IT
• Training in GDPR would be a plus
• Good knowledge of other ISO standards (Eg: 9001, 22301)

Landis+Gyr is a global leader in energy management solutions, operating in over 30 countries and headquartered in Switzerland. We are thrilled that you've considered Landis+Gyr to be a part of your professional journey. As a part of the L+G family, employees are offered a comprehensive and competitive package of benefits including medical, dental and vision coverage, life insurance, and a 401(k)-retirement plan featuring a generous company match incentive. Additionally, we offer three (3) weeks of Paid Time Off (PTO) as well as eleven (11) paid holidays. We also offer a tuition reimbursement program, optional pet insurance, supplemental medical coverage and a host of other perks to ensure the health, wellness, and enrichment of our team members.

Pay is in the range of $140,000 - $188,583 per year. The position is eligible for a 401(k) match and consideration for an annual bonus. The actual base salary offered depends on a variety of factors, which may include, as applicable, the qualifications of the individual applicant for the position, years of relevant experience, specific and unique skills, level of education attained, and certifications or other professional licenses held. All candidates are encouraged to apply.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

We value and encourage diversity in our team. This position is open to all qualified candidates regardless of gender, race, age, disability, sexual orientation, or background. We're committed to shaping a better future for everyone. #EnergizeYourCareer and join us on our journey towards a greener tomorrow.