Microchip Technology Inc. is a leading provider of embedded control applications. Our product portfolio comprises general purpose and specialized 8-bit, 16-bit, and 32-bit microcontrollers, 32-bit microprocessors, field-programmable gate array (FPGA) products, a broad spectrum of high-performance linear, mixed-signal, power management, thermal management, radio frequency (RF), timing, safety, security, wired connectivity and wireless connectivity devices, as well as serial Electrically Erasable Programmable Read Only Memory (EEPROM), Serial Flash memories, Parallel Flash memories, and serial Static Random Access Memory (SRAM). We also license Flash-IP solutions that are incorporated in a broad range of products.
- This position reports to the VP of Information Services
- Set the overall information security strategic plan. Work closely withIT Compliance for overall best governance processes.
- Ensure integration of all cyber security strategies, policies, requirements and practices across the enterprise
- Act as liaison between IT Security, the Business Units, IT Infrastructure and Enterprise application development teams ensuring engagement of the appropriate thought leadership for security requirements, risk assessed decision making, and program execution.
- Drive the development, maintenance, and execution of the security road map that captures, prioritizes, and sequences current and future initiatives, regulations, and capabilities across the business.
- Communicate effectively to the senior leadership team and keep the business informed of security strategy and emerging industry threats.
- Provide regular risk-based reporting for the Board of Directors and audit committee on matters related to information security and compliance.
- Serve as the information security process and policy owner for ongoing activities related to the availability, integrity, and confidentiality of all information (i.e., customers, business partners, employees, and business information)
- Work with the IT compliance group to provide oversight regarding audit, regulatory and risk management activities including; NIST SP 800-179, Dept Homeland Security, GDPR, etc.
- Evolving information technology architecture and the subsequent exposures and defenses that have simultaneously emerged
- Monitor and analyze technology risk trends and conduct external and internal information security risk and vulnerability assessments to protect corporate IT assets
- Leading information security in an environment that requires rapid incident response
- Address security incidents and respond to policy violations or complaints from external parties following the established Incident Reporting and Response Program
- Recommend appropriate counter measures for internal security incidents and events
- Provide input into contract terms with cloud, personal device, outsourced providers around information security related issues.
- Continue to build maturity of the 3rd party due diligence program to adequately measure risk impact of key high-risk vendor relationships
- 5yrs working with senior business leaders and exposure to Board of Directors of globally based companies.
- Mandatory Undergraduate degree in computer science or a related field
- Preference to those with a Master’s degree in IT Security or CISSP or CRISC certifications.
- Minimum 13 years of information technology experience in roles of increasing complexity and leadership requirements
- Experience working in multiple countries & willingness to travel when needed.
- Either hold DHS security clearances or have ability to apply.
Equal Opportunity EmployerMicrochip is an Equal Opportunity/Affirmative Action Employer of Disabled / Veterans / Minorities / Women. We provide equal employment and affirmative action opportunities to applicants and employees without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or any other basis protected under applicable federal, state or local laws.
For more information on applicable equal employment regulations, please refer to the EEO is the Law Poster and the EEO is the Law Poster Supplement. Please also refer to the Pay Transparency Policy Statement.