Join Our Team

                                                                                                           aculocity

Join the dynamic and fast-paced world of Aculocity, a global technology consulting company dedicated to revolutionizing business processes through cutting-edge technology solutions. Since our formal inception in 2006 (and informal in 1999), we've been at the forefront of delivering tailor-made software development solutions, seamless software system implementations, powerful business intelligence, and innovative business process solutions.

As a proud member of the GVW Group, LLC portfolio of companies, we are a premier provider of technology services for GVW's extensive portfolio and a rapidly growing external client base. Join a team that is driving innovation and transforming businesses worldwide. Elevate your career with us at Aculocity.

Summary:

The Head of IT Cybersecurity is the primary execution leader for cybersecurity across GVW Group’s IT, cloud, data, digital, and manufacturing (IT/OT) environments. This role exists to translate Group cybersecurity strategy, risk appetite, and policies into reliable, scalable, and operationally effective cybersecurity controls.

The role is accountable for how security works in practice: how controls are designed, engineered, deployed, operated, monitored, and continuously improved. It ensures cybersecurity is embedded into day-to-day technology and manufacturing operations in a way that protects the business without disrupting uptime, productivity, or innovation.

This is not a policy-setting or board-facing role. It is a hands-on leadership role focused on execution excellence, operational resilience, and incident command. The role owns cybersecurity execution outcomes and is accountable for control effectiveness across production environments.

We are seeking a true team player. Technical depth matters, but success in this role depends on the ability to collaborate across teams, communicate effectively regardless of role or title, and design security that enables progress rather than impedes it.

Operating Context

Aculocity provides shared IT, digital, and data platforms across multiple GVW Group operating companies spanning:

• Global enterprise IT environments
• Microsoft-centric identity, endpoint, and collaboration stacks
• Azure and AWS cloud platforms
• Data, analytics, and AI-enabled systems
• Manufacturing plants with IT/OT-converged networks

The role works in close partnership with:

• GVW Group CISO (strategy, risk, governance)
• Global Infrastructure, Cloud, Network, and Data teams
• Manufacturing, Engineering, and Operations leadership
• External security and technology partners

Key Responsibilities:

1. Cybersecurity Control Architecture & Engineering

• Design and maintain security architectures and technical standards aligned to Group cybersecurity strategy and enterprise risk appetite.
• Engineer, implement, and lifecycle-manage cybersecurity controls across all relevant enterprise technology domains, including:
  • Microsoft Defender (Endpoint, Identity, Cloud, Office)
  • Microsoft Purview (Information Protection, DLP, data governance)
  • Microsoft Intune (device compliance, endpoint hardening)
  • Entra ID security, Conditional Access, Privileged Identity Management
  • Security logging, monitoring, and incident detection and response (e.g. SIEM/SOAR)
  • Backup, recovery, and cyber-resilience capabilities
  • Application, API, and integration security
  • Third-party, vendor, and supply-chain cybersecurity controls
  • Security of AI-enabled platforms, automation, and data pipelines
  • Security policy, risk, and governance controls
• Translate high-level security principles, policies, and standards into practical, implementable technical designs.
• Embed security-by-design into operational systems, integrations, and automation platforms.
• Ensure security tooling is cohesive, observable, and automatable, avoiding unnecessary complexity and leveraging AI-enabled capabilities where appropriate.

1. Security Operations & Control Execution

• Own day-to-day cybersecurity operations, delivered internally or via managed services, including:
  • Security monitoring and detection (SOC)
  • Vulnerability and exposure management
  • Secure configuration and patch coordination
• Ensure cybersecurity controls are consistently deployed, monitored, tested, and remediated.
• Drive operational discipline, reliability, and continuous improvement in security execution.
• Define and enforce secure configuration baselines and continuously manage configuration drift.
• Define and operate a clear internal vs. managed service execution model with strong vendor accountability.

1. Network, Industrial & IT/OT Security

• Lead cybersecurity execution across industrial and manufacturing environments, including IT/OT convergence.
• Design and enforce segmentation, access control, and visibility using:
  • Palo Alto firewalls (physical and virtual)
  • Cisco enterprise and industrial networking platforms
• Work directly with manufacturing and engineering teams to ensure:
  • Security does not disrupt production
  • Controls reflect operational realities
  • Risk reduction is measurable and pragmatic

1. Security Operations & Incident Command

• Serve as the technical and operational incident commander during cybersecurity incidents across IT and OT environments.
• Lead containment, recovery, and remediation with calm, factual, and timely communication.
• Coordinate response across infrastructure, applications, cloud, data platforms, and manufacturing systems.
• Lead post-incident root cause analysis and remediation execution.

1. Control Effectiveness & Continuous Improvement

• Define and track operational cybersecurity metrics, including:
  • Control coverage and effectiveness
  • Detection and response performance
  • Vulnerability remediation progress
• Provide data-driven insights to support cybersecurity risk reporting and investment decisions.
• Continuously improve cybersecurity controls based on operational feedback and lessons learned.

1. Team Leadership, Coaching & Collaboration

• Build and lead a lean, execution-focused cybersecurity engineering and operations team.
• Ensure clear role definitions and segregation of duties.
• Foster a culture where security is embedded, pragmatic, collaborative, and trusted.
• Coach and develop technical talent to build deep execution capability and operational resilience.

Requirements

Education:

• Bachelor’s degree in Computer Science, Information Security, Engineering, or related field.
• Relevant security certifications (e.g. CISSP, CISM, cloud security certifications) are advantageous but not mandatory.
• Demonstrated execution impact is valued over formal credentials.

Experience:

• Senior hands-on experience in cybersecurity engineering, security operations, or cyber infrastructure leadership.
• Demonstrated experience with:
  • Microsoft Defender, Purview, Intune, Entra ID
  • Identity, endpoint, and cloud security
  • Azure and AWS workload protection
  • Detection engineering and incident response
  • Strong network security fundamentals
• Demonstrated success implementing cybersecurity controls in complex, multi-national organizations.
• Industrial and manufacturing IT/OT exposure strongly preferred.
• Palo Alto and Cisco experience highly valued.

Skills:

• Team-first, ego-free collaborator
• High technical credibility and execution discipline
• Calm, structured, and decisive under pressure
• Strong collaborator with operations, infrastructure, and engineering teams
• Pragmatic, hands-on, solutions-oriented, outcome-focused, and production-aware
• Comfortable working across roles, titles, and disciplines
• Understands that security succeeds only when the business succeeds

Work Environment: Ex. Office setting

Physical Requirements:

• Capable of meeting OSHA standards for manual lifting guidelines: < 50lbs
• While performing the duties of this job it is required to stand, walk, and use hands to operate objects, reach with hands or arms; climb, balance, stoop, kneel, or crouch when necessary for job activity.
• Ability to stand and/or walk for extended periods.

Legal and Compliance Statements
 

At-Will Employment:

This job description does not create a contract of employment, nor does it alter the at-will employment relationship. Employment with the company is voluntary and may be terminated at will by either the employee or the company, with or without cause, and with or without notice.

Job Duties Disclaimer:
The duties and responsibilities outlined here are representative but not exhaustive of the tasks that the employee may be required to perform. Management reserves the right to modify, add, or remove duties and to assign other tasks as necessary to meet business needs.

Equal Employment Opportunity:
Autocar is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or any other characteristic protected by law.

Compliance with Laws and Policies:
The employee must adhere to all federal, state, and local employment laws and regulations, as well as all company policies and procedures.

Reasonable Accommodations (ADA Compliance):
Autocar complies with the Americans with Disabilities Act (ADA) and provides reasonable accommodations to qualified individuals with disabilities. Employees who require assistance or accommodations should contact Human Resources.

Confidentiality and Data Protection:

Employees are expected to maintain the confidentiality of sensitive information and comply with company policies regarding data protection and proprietary information, in accordance with applicable laws.

Non-Exhaustive List of Duties:

This job description is not intended to be an exhaustive list of all responsibilities or qualifications associated with the position.