Executive Manager - Security Integration and Mitigation

Overview

The Cross Sector AMESA and APAC Security Integration Lead is responsible for information security risk and management processes within the sector including but not limited to security risk and exception analysis, information security work intake processes, support for cyber security awareness initiatives, collaboration on development of remediation plans, and data protection activities. The role also ensures security incident management and processes are given appropriate focus, assist with escalations and are handled expeditiously as per defined SLAs. Each international sector BISO org (AMESA, APAC, Europe, and LATAM) has this role.

Responsibilities

• The Security Integration Lead is the primary contact within their region for security work intake

• Assist Attack Surface Management and Global Digital Connections teams when working with third parties locally on website/mobile security remediation

• Escalate and report on security gaps/opportunities within the region to Sector BISO

• Engage with key stakeholders to ensure that processes and initiatives operate within the documented security org framework, monitor security policy/standards compliance, and Information Security strategy is understood and communicated

• Identify Stakeholder resistance and barriers and tighten the cohesion between business and Information Security

• Develop and implement strategies for engaging business functions on information security matters and gain buy-in

• Support and track sector-based security exception process and remediation

• Onboard to and provide training on Information Security Services Requests (ISSR)

• Partner with Manufacturing OT and IT teams for Information Security engagement activities and partner awareness

• Develop content and present on Information Security programs, initiatives, awareness and risk in consultation with SMEs and functional capability owners

• Engage BRM and Project owners throughout the project lifecycle as trusted advisor for ISSR service delivery and process management

• Assist on the delivery of Cyber Security program initiatives within the regions through Information Security PMO and Compliance Lead alignment to manage sector security initiatives

• Support of vulnerability remediation plan development and owner identification

• Act as trusted advisor throughout exception risk management from exception initiation, stakeholder identification, mitigating controls, remediation plan recommendations, and sign-off activities

• Responsible for educating business functions on Information Security services and processes

• Perform local security awareness initiatives such as clean desk exercise to reinforce and promote security standards compliance

• Supports IR in driving awareness and remediation of security compliance related incidents locally to include engagement of appropriate stakeholders

• Support Data Protection Evaluation and Recertification program through BRM engagement and coordination of activities

• Provide feedback on security requirements during planning cycles

• Assist Security Assurance and project teams in security requirements' funding estimates for CAPEX/Projects

• Collaborate with and support Third Party Security Risk Management team on assessments, issues, escalations and remediation

• Be the security coach for sector DevSecOps teams

Qualifications

• 8-10 years of related IT Security technical and business interfacing work experience
• Experience with security architecture, application risk analysis, vulnerability management, data classification, CIS Top 20 Critical Controls
• CISM, CISSP, GIAC certifications preferred.
• Well versed in NIST Cybersecurity Framework
• Well versed in Agile development methodology and DevSecOps framework
• Bachelor's degree required.
• Written/spoken English proficiency required.
• Strong interpersonal and oral communication skills
• Ability to translate highly technical information into plain language.
• High level of analytical and problem-solving abilities.
• Highly self-motivated and directed.
• Strong organizational skills.
• Excellent attention to detail.
• Experience working in a team-oriented, collaborative environment.
• Willing "can do" attitude.
• Ability to manage multiple priorities and work across multiple organizations and teams.