---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Manager, Information Security
Location: Slough, , United Kingdom
Type: Permanent F/T
Closing Date: 2007-08-13
Information Security Risk Manager
Reference No. SF-228
Company Communications Group
Location Berkshire
Salary £50,000 - £60,000
Package Up to 15% bonus, Car/Allowance (approx 5K) family health etc
Start Date ASAP
No. Required 1
The Role
Working as a member of the F&S IT Security team, the Information Security Risk
Manager is responsible for strategic and policy decisions required to manage
and appropriately protect company information assets.
Responsibilities:
Strategic Security Risk Management
Works as part of the Fraud & Security Leadership team to help direct the
development and implementation of the Information Security vision and strategy
across the company.
To work with all aspects of the business to build information security risk
management into product and project lifecycles.
To represent customer interests with respect to minimum acceptable security and
privacy requirements whilst ensuring that controls are effective within a legal
and compliance framework.
To assist and direct staff with identification of key information security
risks to the business and drive forward risk reduction/remediation strategies.
To represent the Organisation, and to develop a good working relationship with
other partner organisations within the Group and the wider Telefonica family
Security and Information Protection Requirements
Responsible for setting security requirements for new projects, services and
products across the Organisation
Delegated signoff authority of Fraud & Security aspects of completed designs.
To ensure appropriate testing and validation of security requirements of high
risk initiatives is undertaken
To provide security consultant to our internal customers, to ensure that
service designers and influencers make appropriate considerations around
security and privacy.
Communicating and Building Relationships
Responsible for building relationships and effective communications with the
relevant business stakeholders to agree strategic direction for protection of
services and data within their respective domains and to ensure consideration
and communication of information risk and mitigation strategies.
To collaborate with the wider cross company security groups re identification
of key threats and vulnerabilities to the business.
Qualifications and Skills required
At least 5 years experience in corporate environment in IT/Security/Telecoms,
of which at least of which at least 3 as an Information Security Manager.
Excellent interpersonal, influencing, administrative and management skills.
Strategic orientation with ability to act tactically as required
Proven skills succeeding in a matrix management environment
Global perspective, multi-cultural understanding and approach
Excellent Conceptual and critical thinking skills
Sound understanding of process management principles
Strong negotiator/facilitator and consensus builder with results oriented
commitment
Sound understanding of Telecommunication and IT systems within mobile networks
Understanding of Sarbanes Oxley (SOx) compliance issues
Sound understanding of Data Protection obligations and PCI requirements
Ability to interact at all levels of the organisation.
Must be strongly self motivated and able to present a credible and effective
case for risk management and security requirements with tact and tenacity.
Good communication and report writing skills
Willing to travel and be out of the office several times a week
Knowledge across the following areas:
Information Security Risk Management Techniques
Metrics and Reporting
Risk Analysis & Risk Mitigation
IT & Technology Security
Firewalls & Network Security
Authentication & Access control Technologies
Fraud and Mobile industry
Ideal Qualifications:
A Bachelor’s or higher degree in a technical area e.g. Engineering,
Computer Science
External certifications across:
Telecoms, Security, Fraud, Audit, Systems, Networks
E.g. CISSP, ISO7799 Auditor, GSMA Fraud Training
JOB REQUIREMENTS
---------------------------------------------------
Candidates must be eligable to work in the UK when applying
CONTACT
---------------------------------------------------
Information Security Solutions
Iain Sutherland
iain@InformationSecuritySolutions.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
