Jobs in United States

The Global Security Lead is a senior cybersecurity role responsible for overseeing global threat detection, incident response, and escalation management. This position serves as the primary point of contact for managing external Security Operations Center (SOC) and Identity Governance and Administration (IGA) vendors. Key operational responsibilities include Data Loss Prevention (DLP) and Cloud Security. Reporting to the Head of IT Cybersecurity & Operations, the Lead is critical to strengthening Nexperia's cyber defense capabilities and ensuring the effective resolution of security incidents.

• Oversee Global Security Operations: Direct the 24/7 monitoring, threat detection, and incident response activities across Nexperia's global IT infrastructure.
• Manage Vendor Relationships & Performance: Serve as the primary point of contact for security vendors; manage contracts, service level agreements (SLAs), and performance reviews to ensure value and effectiveness.
• Lead Incident Escalation & Response: Manage the end-to-end incident response process, ensuring timely escalation, effective resolution, and thorough post-incident analysis.
• Administer Identity & Access Governance: Oversee the operations of Identity Access Management (IAM), Privileged Access Management (PAM), and ensure compliance with governance policies.
• Operate Data Loss Prevention (DLP) Program: Manage the DLP platform, including policy configuration, monitoring alerts, and investigating potential data exfiltration events.
• Manage Cloud Security Posture: Oversee security operations for cloud environments (e.g., SaaS, IaaS, PaaS), implementing and managing controls to protect cloud-based assets and data.
• Drive Continuous Improvement: Analyze security incidents and operational metrics to identify trends, implement process improvements, and enhance the overall security posture.
• Report on Security Posture: Develop and deliver regular reports on key performance indicators (KPIs), incident metrics, and the overall effectiveness of security controls to leadership.
• Develop & Refine Processes: Create and update operational procedures, playbooks, and runbooks to ensure a consistent and effective response to security threats.

• Bachelor’s degree in computer science, Information Security, or a related field. Relevant industry certifications (e.g., CISSP, CISM, GCIH) are highly preferred.
• 8-10 years of progressive experience in cybersecurity, with at least 3-5 years in a leadership role overseeing security operations (SOC), IGA, incident response, or a similar function.
• Hands-on experience managing core security technologies, including SIEM, EDR, DLP, and cloud security platforms. (e.g., CRISC, CISM, CEH, ITIL v4, Microsoft SC 300)
• Proven track record of successfully managing and holding external vendors and Managed Security Service Providers (MSSPs) accountable against SLAs.
• Ability to communicate complex security concepts clearly to technical teams, senior management, and business stakeholders.
• Experience using key security tools to detect, analyze, and manage response to cybersecurity threats and incidents.
• Experience implementing and managing security controls in major cloud platforms (AWS, Azure, GCP) and operating enterprise DLP tools.
• Strong knowledge of IAM, PAM, and identity governance principles and technologies (e.g., SailPoint, CyberArk, Okta).
• Experience managing third-party vendors and Managed Security Service Providers (MSSPs), including negotiating SLAs and holding providers accountable for performance.
• Experience leading technical responses to major security incidents under pressure, making critical decisions and managing stakeholder communication.
• Ability to translate operational data into strategic insights, prioritize initiatives based on risk, and contribute to the cybersecurity roadmap.
• Excellent verbal and written communication skills for both technical teams and senior management.
• Strong analytical skills to investigate complex security events, identify root causes, and develop long-term solutions.

D&I Statement

As an equal-opportunity employer, Nexperia values diversity not just because it is the right thing to do but because diverse teams perform better. We are dedicated to being inclusive, and a proof point of this dedication is that we were the main partner of the very first Dutch Paralympic Team NL House during the Paris 2024 Paralympic Games. Our recruitment process is inclusive and accessible to all, and we consider all applicants fairly, as well as providing a safe work environment and reasonable adjustments where requested.

In addition, we offer our colleagues the possibility to join employee resource groups such as the Pride Network Group or global and local Women\'s groups. Nexperia is committed to increasing women in management positions to 30% by 2030.