Apply now »

Regional Cyber Security Lead

Country:  United States
Country/Region:  Un
City:  Boston
State/Province:  Massachusetts


Career Opportunity


Sappi North America, headquartered in Boston, is a subsidiary of Sappi Limited (JSE), a global company headquartered in Johannesburg, South Africa, with more than 13,000 employees and manufacturing operations on three continents in seven countries and customers in over 100 countries around the world.  We are a leading global provider of sustainable woodfiber products and solutions. The success of our four diversified businesses – high quality Coated Printing Papers, Specialised Cellulose, Release Papers and Specialty Packaging – is driven by strong customer relationships, best-in-class people and advantaged assets, products and services. Our high quality Coated Printing Papers, including McCoy, Opus, Somerset and Flo, are the key platform for premium magazines, catalogs, books and high-end print advertising. We are a leading manufacturer of Specialised Cellulose used in a wide range of products, including textile fibers and household goods, and one of the world's leading suppliers of Release Papers with our Ultracast and Classics lines for the automotive, fashion and engineered films industries. Our Specialty Packaging products, such as LusterPrint and LusterCote, represent an important asset in the food packaging and labelling industries. Customers rely on Sappi for high technical, operational and market expertise; products and services delivered with consistently high quality and reliability; and, state-of-the-art and cost-competitive assets and innovative spirit.    

Position (job title):  SNA Regional Cyber Security Lead 

Department:  Information Technology 

Work Site:  Global or Portland, ME



  • Provide expertise for developing and delivering security initiatives.
  • Key resource engaging with SNA business and leadership 
  • Direct planning and implementation of enterprise IT defenses against security breaches and vulnerabilities.
  • Responsible for auditing existing systems, while directing the administration of security policies, activities, and standards.





  • Inform Sappi’s Group security strategy
  • Deliver defense initiatives and coordinate the evaluation, deployment, and management of current and future security technologies.
  • Develop and communicate security plans to project teams, partners, and business stakeholders.
  • Develop, implement, maintain, and oversee enforcement of policies, procedures, and associated plans for system security administration and user system access.
  • Assess need for any security reconfigurations or vulnerabilities (minor or significant) and guide regional teams to mitigate.
  • Keep current with emerging security landscape in industry alerts \ issues.
  • Conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts.

Acquisition & Deployment

  • Assist in the design, development and implementation of controls created in response to risks identified across the Sappi group of companies.
  • Assist in establishing of information security policies and standards, and aid with the implementation of such policies and procedures throughout the enterprise.
  • Conduct vulnerability audits and risk assessments 
  • Assist in creating visibility of 3rd party risk 
  • Recommend, schedule, and perform security improvements or upgrades.


Operational Delivery

  • Serve as the information security subject matter expert in region by providing guidance to IT and business units on matters related to security. 
  • Drive regional  information security education and awareness ensuring users complete training timeously
  • Recommend and implement changes in security policies and practices in accordance with changes in local or federal law.
  • Creatively and independently provide resolution to security problems in a cost-effective manner.
  • Assess and communicate any security risks associated with practices performed by the business and or external parties.
  • Remain informed on trends and issues in the SNA security industry, including current and emerging technologies.
  • Design, perform, and/or oversee regional penetration testing of all systems to identify system vulnerabilities.
  • Recommend, schedule (where appropriate), and apply fixes, security patches, disaster recovery procedures, and any other measures required in the event of a security breach.
  • Governance, Risk & Compliance assurance in conjunction with Global GRC manager and Audit functions 



Salary is determined by a number of factors including the value of the job to the organization, market forces, internal equity and skills brought to the job.

HR Contact for Questions:  Kathleen Ann Porazzo 

Contact Information:  2074205374 , 

Sappi provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Sappi complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Apply now »