Sr Dir - Cybersecurity

Oshkosh, WIFull-timePosted Jul 10, 2026
Apply

At Oshkosh, we build, serve and protect people and communities around the world by designing and manufacturing some of the toughest specialty trucks and access equipment. We employ over 18,000 team members all united by a common purpose. Our engineering and product innovation help keep soldiers and firefighters safe, is critical in building and keeping communities clean and helps people do their jobs every day.

JOB SUMMARY

Oshkosh Corporation owns significant and growing assets in the form of information across its global operations, connected products, and manufacturing environments. The unauthorized disclosure or compromise of these assets could result in material harm to the organization, its customers, and its shareholders. The Senior Director, Cybersecurity is a critical executive leadership role responsible for owning and advancing Oshkosh's enterprise cybersecurity strategy. Reporting directly to the Chief Information Security Officer (CISO), this role serves as a key deputy and strategic partner, leading multiple cybersecurity domains while driving enterprise-wide security transformation, and representing the cybersecurity program to executive leadership, the Board of Directors, customers, and regulators.

                                                                                                           

YOUR IMPACT

These duties are not meant to be all-inclusive, and other duties may be assigned:

Strategy & Program Leadership

  • Own and drive Oshkosh's enterprise cybersecurity strategy, establishing a 3-5 year roadmap that aligns security investments and priorities with enterprise risk, business objectives, and the evolving threat landscape.

  • Serve as the CISO's primary deputy, supporting and representing the cybersecurity program in executive, regulatory, audit committee, customer, and operational engagements.

  • Partner with the CISO, CIO, and senior business leaders to integrate cybersecurity strategy with corporate digital transformation initiatives, M&A activity, and global expansion priorities.

  • Own the enterprise cybersecurity operating model, governance processes, performance management framework, and cross-functional decision forums to ensure consistent execution of enterprise priorities. Manage cybersecurity budgets, forecasts, vendor relationships, and strategic technology investment planning to optimize value and reduce enterprise risk.

  • Prioritize enterprise cybersecurity investments and balance resources across cybersecurity portfolios to maximize risk reduction and business value.

Architecture, Engineering & Cyber Defense

  • Provide enterprise leadership across Architecture, Engineering, and Cyber Defense through subordinate directors, ensuring integrated planning, investment prioritization, and consistent execution across all cybersecurity functions. Drive modernization of security capabilities across cloud, identity, endpoint, network, infrastructure, OT, and manufacturing environments, with measurable improvement in the enterprise risk posture.

  • Ensure subordinate leaders maintain effective operational capabilities across security operations, incident response, vulnerability management, and cyber defense. Lead cyber investigations, crisis response, and incident recovery efforts, providing decisive direction and timely communication to executive leadership and the Board.

Risk Management & Compliance

  • Own enterprise cybersecurity performance reporting, including KPIs, KRIs, maturity assessments, executive dashboards, and Board materials prepared for the CISO. Direct security audits, risk assessments, regulatory compliance activities, and contractual security requirement analyses across all business units and geographies.

  • Oversee third-party and supply chain cybersecurity risk programs, ensuring that partners, managed service providers, and strategic vendors meet Oshkosh security standards.

  • Lead cybersecurity alignment with applicable frameworks and regulatory expectations, including NIST CSF, CMMC, and applicable defense/government contracting requirements.

Cross-Functional Partnership & Change Leadership

  • Drive enterprise security transformation by championing a security-first culture, advocating for risk-informed decision-making, and partnering with IT, Legal, HR, Engineering, Finance, and Compliance leaders.

  • Lead cybersecurity integration for new business activities, acquisitions, divestitures, and new product development, proactively identifying and mitigating emerging risks before they materialize.

  • Influence executive and business leadership to adopt security-enabling strategies, translating complex risk tradeoffs into clear business language and actionable recommendations.

  • Identify opportunities to reduce risk, improve efficiency, optimize costs, and increase business value through security program innovation.

People Leadership

  • Lead, mentor, and develop a high-performing team of cybersecurity managers and senior professionals, building organizational depth, succession readiness, and a culture of accountability and continuous improvement.

  • Set team vision and direction, define performance expectations, and champion talent development programs that attract and retain top cybersecurity talent across multiple specialized domains.

  • Serve as acting CISO when delegated, representing the cybersecurity organization with executive leadership, customers, regulators, and external stakeholders.

MINIMUM QUALIFICATIONS

  • Bachelor's degree in Information Systems, Computer Science, Engineering, or related field.

  • 12 or more years of progressive Information Security/Cybersecurity experience.

  • 7 or more years of cybersecurity leadership experience managing programs, teams, and strategic initiatives.

  • Demonstrated experience presenting cybersecurity strategy, risk, and program maturity to senior executive leadership.

  • Ability to travel up to 15% of time, including international travel.

STANDOUT QUALIFICATIONS

  • Graduate degree in Information Systems, Cybersecurity, Business Administration, or equivalent.

  • CISSP strongly preferred; CISM, CRISC, CCSP, GIAC, or equivalent certifications preferred.

  • Experience in defense, government contracting, manufacturing, or other regulated industries with CMMC, ITAR, or similar requirements.

  • Active U.S. Government Secret level clearance (or ability to obtain).

  • Strong knowledge of cybersecurity operations, incident response, vulnerability management, cloud security, identity, OT/ICS security, security architecture, and enterprise risk management.

  • Demonstrated ability to build and sustain relationships with C-suite executives, board members, regulators, and key external partners.

  • Proficiency in cybersecurity risk quantification, business impact analysis, and communicating risk in financial terms to non-technical audiences.

  • Experience managing multi-million-dollar cybersecurity budgets, vendor negotiations, and technology investment planning.

Pay Range:

$186,200.00 - $353,800.00

The above pay range reflects the minimum and maximum target pay for the position across all U.S. locations. Within this range, individual pay is determined by various factors, including the scope and responsibilities of the role, the candidate's experience, education and skills, as well as the equity of pay among team members in similar positions. Beyond offering a competitive total rewards package, we prioritize a people-first culture and offer various opportunities to support team member growth and success.

Oshkosh is committed to working with and offering reasonable accommodation to job applicants with disabilities. If you need assistance or an accommodation due to disability for any part of the employment process, please contact us at corporatetalentacquisition@oshkoshcorp.com.

Oshkosh Corporation is a merit-based Equal Opportunity Employer. Job opportunities are open for application to all qualified individuals and selection decisions are made without regard to race, color, religion, sex, national origin, age, disability, veteran status, or other protected characteristic. To the extent that information is provided or collected regarding categories as provided by law it will in no way affect the decision regarding an employment application.

Oshkosh Corporation will not discharge or in any manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with Oshkosh Corporation's legal duty to furnish information.

Certain positions with Oshkosh Corporation require access to controlled goods and technologies subject to the International Traffic in Arms Regulations or the Export Administration Regulations. Applicants for these positions may need to be "U.S. Persons," as defined in these regulations. Generally, a "U.S. Person" is a U.S. citizen, lawful permanent resident, or an individual who has been admitted as a refugee or granted asylum.

Want jobs like this matched to you?

Swoopd scores fresh postings against your résumé so you only see the matches that matter.

Get started free