PHINIA · 7 hours ago
Chief Information Security Officer
PHINIA is an independent, market-leading provider of premium solutions and components with a commitment to sustainability. The Chief Information Security Officer (CISO) will lead the global cybersecurity program, ensuring the protection of information assets while enabling business growth and operational resilience.
Fuel · Industrial · Manufacturing · Mechanical Engineering · Oil and Gas
Responsibilities
Manage Governance & Build Knowledge
Lead the ongoing refinement of PHINIA’s cybersecurity governance practices and processes, in connection with PHINIA’s enterprise risk management program
Provide regular reporting to senior leaders on cyber risk posture, program priorities and enhancements, and emerging threats
Develop, socialize, and maintain cybersecurity policies, processes, standards, and guidelines (including the Incident Response Plan); drive alignment across IT, OT, cloud, and third‑party environments
Direct enterprise‑wide security awareness and behavior‑change programs, establishing effectiveness metrics and driving measurable culture improvements
Ensure cybersecurity requirements are integrated into key vendor contracts in partnership with Legal, Procurement, and Vendor Management
Champion cross‑functional alignment, including among Privacy, Legal, Risk, Compliance, HR, Internal Audit, and business continuity stakeholders
Lead & Enhance the Cybersecurity Function
Lead a global cybersecurity organization, overseeing hiring, background checks, training, development, performance management, and succession planning
Refine the cybersecurity operating model, ensuring it aligns to enterprise strategy, digital transformation initiatives, risk management expectations and the changing cyber landscape
Manage the cybersecurity budget, ensuring cost‑effective investment strategies and clear ROI on security capabilities
Build an internal Security Champion program to extend security expertise and accountability across all business units and geographies
Set Strategy Aligned to Business Priorities
Develop and maintain a cybersecurity vision, roadmap, and multi‑year strategy that supports PHINIA’s business goals, digital future, and regulatory obligations around topics such as disaster recovery and contingency planning, configuration and/or asset management, and third‑party risk management
Lead enterprise‑wide risk assessment processes, enabling business leaders to make informed decisions within the agreed risk appetite
Address shadow IT (“citizen IT”) by operationalizing onboarding and control processes to mitigate risks from non‑IT managed environments
Partner with manufacturing and engineering teams to implement cybersecurity protections tailored to industrial and operational technology (OT) environments
Enhance Cybersecurity Frameworks & Controls
Enhance alignment with certain cybersecurity frameworks, such as ISO 27001, NIST CSF/800‑53, ITIL, COBIT, ENISA, or ISA‑62443, based on PHINIA’s business model and regulatory landscape
Own the unified, risk‑based control framework to harmonize global legal, regulatory, and industry requirements (e.g., SOX, GDPR, TISAX)
Maintain an up‑to‑date document ecosystem of policies, standards, operating procedures, and guidelines
Monitor and further develop enterprise‑level metrics and KPIs used to track cybersecurity program maturity, resource allocation, and security effectiveness
Build Internal & External Networks
Foster strong relationships across IT, manufacturing, engineering, HR, Legal, Internal Audit, Privacy and Compliance to ensure alignment and embed cyber requirements early in business processes
Maintain external partnerships with industry peers, vendors, law enforcement, threat intelligence groups, and relevant regulatory bodies
Partner with Enterprise Architecture to ensure security architecture principles are built into all platforms and modernization efforts
Operate the Cybersecurity Function
Ensure privacy requirements are integrated into cybersecurity processes in partnership with the Chief Compliance Officer
Establish and manage end‑to‑end cybersecurity risk, compliance, and regulatory assessments, ensuring timely remediation of findings
Embed security into the technology delivery lifecycle through secure design, threat modeling, and security testing practices
Lead cybersecurity incident management, ensuring rapid containment, cross-functional collaboration, coordinated response pursuant to the Incident Response Plan, transparent communication, and effective recovery
Monitor global threat conditions and advise senior leaders and others on mitigation strategies
Proactively identify information security deficiencies and/or opportunities for improvement to better enable business security at the global level. Lead the development of pragmatic solutions across the enterprise
Oversee resilience and business continuity alignment, recognizing that PHINIA’s operations span global, distributed ecosystems
Maintain inventories of information assets, cloud services, and third‑party digital connections
Qualification
Required
Bachelor's or master's degree in computer science, cybersecurity, information systems, business administration, or a related field
Minimum 10 years of experience across cybersecurity, IT, and risk management, including at least 5 years in a senior leadership role
Strong track record of leading cybersecurity programs in global, dynamic, manufacturing or industrial environments
Experience with contract negotiations, supplier risk management, and global security operations
Deep knowledge of information security frameworks (ISO 27001, NIST CSF/800‑53, ITIL, COBIT) and regulatory requirements (SOX, GDPR, TISAX, and industry‑specific standards)
Strong understanding of enterprise architecture, cloud security, OT/ICS security, identity and access management, and emerging technology risks
Proficiency with SIEM, IDS/IPS, firewalls, endpoint security, vulnerability management, cryptography, and cloud security tools
Up‑to‑date awareness of cybersecurity trends, digital business models, and evolving risk landscapes
Visionary leader able to bridge business and technology, influencing without relying on formal authority
Exceptional communication skills — capable of informing board‑level decisions and simplifying complex risk topics for non‑technical stakeholders
Exceptional project management skills – capable of leading the design and implementation of enterprise‑wide projects and driving cross‑functional alignment
Strong collaboration, stakeholder management, and change‑leadership skills
Ability to drive accountability, foster a security‑first mindset, and motivate teams across dotted and functional reporting structures
Demonstrated business acumen and the ability to align security strategies with enterprise goals
Preferred
Certifications preferred but not required: CISSP, CISM, CISA, CRISC or comparable credentials
Benefits
Health and well-being resources
Family-centric policies
Agile workplace program
Formal development opportunities
Company
PHINIA
PHINIA specializes in developing fuel injection equipment solutions, gasoline direct injection systems, and electrical systems.
H1B Sponsorship
PHINIA has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
Trends of Total Sponsorships: 2024 (1)
Funding
Current Stage: Public Company
Total Funding: $975M
2024-09-10 · Post IPO Debt · $450M
2024-03-26 · Post IPO Debt · $525M
2023-07-05 · IPO
Company data provided by crunchbase