-
Start apply with LinkedIn
-
Apply Now
-
Please wait...
Start apply with LinkedIn
Expert Cyber Security - IT North America
Expert Cyber Security - IT North America
Position Summary
Under the supervision and guidance of her/his primary Community of Practice Lead and Product Group Manager based in Switzerland, the Cyber and Digital Security Expert is responsible for establishing and maintaining security products, platforms and solutions designed to mitigate IT risks across the Group to ensure that information assets are adequately protected. S/He is responsible for the identification, evaluation and reporting of information security risks in a manner that meets compliance and regulatory requirements, aligning with and supporting the risk posture of the enterprise. The Senior Cyber and Digital Security Specialist requires to be a visionary leader with strong skills in business management and a working knowledge of information security technologies. S/He will proactively work with IT and business units to implement practices that meet defined policies and standards for information security. Acting as a security business partner for the IT Product Groups, s/he represents Security in various core team meetings. The Senior Cyber and Digital Security Specialist continuously researches and stays on top of emerging security threats, technologies and trends.
A day in the life of...
Key Outputs:
• Conducts systematic security assessments of Digital Solutions (Web Sites, Mobile and Social Media Applications, Cloud Solutions and associated infrastructure, etc.) to identify security risks • Ensures new products, platforms and solutions are implemented "Secure & Compliant by Design" • Develops, maintains and publishes up-to-date security policies, standards and guidelines, and oversees training and dissemination of security policies and practices • Works directly with IT Product Managers, BRMs and IT Customers to facilitate business IT risk assessment and risk management processes, and works with stakeholders through the enterprise on identifying acceptable levels of residual risk • Provides periodic reporting on the current status of the information security program to enterprise risk teams, senior business and IT leaders – in collaboration with the Office of the CIO - as part of a strategic enterprise risk management program • Facilitates a metrics and reporting framework in collaboration with the Office of the CIO to measure the efficiency and effectiveness of the program, promoting appropriate resource allocation, and increase the maturity of the security
• Defines and facilitates the information security risk assessment process, including the reporting and oversight of treatment efforts to address findings • Creates a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection • Provides strategic risk guidance for IT projects and product management, including the evaluation and recommendation of technical controls • Liaises with the Enterprise Architecture team to ensure alignment between the security and enterprise architectures, thus coordinating the strategic planning implicit in these architectures • Ensures that security programs are in compliance with relevant laws, regulations and policies to minimize or eliminate risk and audit findings • Creates and manages a unified and flexible control framework to integrate and normalize the wide variety and ever-changing requirements resulting from global laws, standards and regulations
• Understands and interacts with related disciplines to ensure the consistent application of policies and standards across all product groups; technology projects and systems, including, but not limited to, privacy, risk management, compliance and business continuity management • Works closely with Enterprise Architects, other functional area architects and other Security Specialists to ensure adequate security solutions are in place throughout all IT products and platforms to mitigate identified risks sufficiently and to meet business objectives and regulatory requirements
What will make you successful
• Degree in business administration or a technology-related field, or equivalent work- or education-related experience • 7+ years of experience in a combination of risk management, information security and IT jobs • Employment history must demonstrate increasing levels of responsibility Experience with contract and vendor negotiations • Experience in effective communication at different level in the organization and in English • Preference to have worked in a global environment and with virtual teams
- Infrastructure network security experience (data centers, security gateways, VPN, on premise and in the cloud).
- Cloud Security - Azure (preferred).
- Architectural Design reviews from security perspective
- Security Gateways, F/W rules, FWaaS.
- Strong knowledge of relevant legal and regulatory requirements (data protection standards, privacy).
- CISSP certification
Position Summary
Under the supervision and guidance of her/his primary Community of Practice Lead and Product Group Manager based in Switzerland, the Cyber and Digital Security Expert is responsible for establishing and maintaining security products, platforms and solutions designed to mitigate IT risks across the Group to ensure that information assets are adequately protected. S/He is responsible for the identification, evaluation and reporting of information security risks in a manner that meets compliance and regulatory requirements, aligning with and supporting the risk posture of the enterprise. The Senior Cyber and Digital Security Specialist requires to be a visionary leader with strong skills in business management and a working knowledge of information security technologies. S/He will proactively work with IT and business units to implement practices that meet defined policies and standards for information security. Acting as a security business partner for the IT Product Groups, s/he represents Security in various core team meetings. The Senior Cyber and Digital Security Specialist continuously researches and stays on top of emerging security threats, technologies and trends.
A day in the life of...
Key Outputs:
• Conducts systematic security assessments of Digital Solutions (Web Sites, Mobile and Social Media Applications, Cloud Solutions and associated infrastructure, etc.) to identify security risks • Ensures new products, platforms and solutions are implemented "Secure & Compliant by Design" • Develops, maintains and publishes up-to-date security policies, standards and guidelines, and oversees training and dissemination of security policies and practices • Works directly with IT Product Managers, BRMs and IT Customers to facilitate business IT risk assessment and risk management processes, and works with stakeholders through the enterprise on identifying acceptable levels of residual risk • Provides periodic reporting on the current status of the information security program to enterprise risk teams, senior business and IT leaders – in collaboration with the Office of the CIO - as part of a strategic enterprise risk management program • Facilitates a metrics and reporting framework in collaboration with the Office of the CIO to measure the efficiency and effectiveness of the program, promoting appropriate resource allocation, and increase the maturity of the security
• Defines and facilitates the information security risk assessment process, including the reporting and oversight of treatment efforts to address findings • Creates a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection • Provides strategic risk guidance for IT projects and product management, including the evaluation and recommendation of technical controls • Liaises with the Enterprise Architecture team to ensure alignment between the security and enterprise architectures, thus coordinating the strategic planning implicit in these architectures • Ensures that security programs are in compliance with relevant laws, regulations and policies to minimize or eliminate risk and audit findings • Creates and manages a unified and flexible control framework to integrate and normalize the wide variety and ever-changing requirements resulting from global laws, standards and regulations
• Understands and interacts with related disciplines to ensure the consistent application of policies and standards across all product groups; technology projects and systems, including, but not limited to, privacy, risk management, compliance and business continuity management • Works closely with Enterprise Architects, other functional area architects and other Security Specialists to ensure adequate security solutions are in place throughout all IT products and platforms to mitigate identified risks sufficiently and to meet business objectives and regulatory requirements
What will make you successful
• Degree in business administration or a technology-related field, or equivalent work- or education-related experience • 7+ years of experience in a combination of risk management, information security and IT jobs • Employment history must demonstrate increasing levels of responsibility Experience with contract and vendor negotiations • Experience in effective communication at different level in the organization and in English • Preference to have worked in a global environment and with virtual teams
- Infrastructure network security experience (data centers, security gateways, VPN, on premise and in the cloud).
- Cloud Security - Azure (preferred).
- Architectural Design reviews from security perspective
- Security Gateways, F/W rules, FWaaS.
- Strong knowledge of relevant legal and regulatory requirements (data protection standards, privacy).
- CISSP certification
Ciudad de Mexico, MX, 11520
Ciudad de Mexico, MX, 11520
-
Start apply with LinkedIn
-
Apply Now
-
Please wait...