Sr Ent Information Security Manager

The Information Security Manager, working with in Corporate Information Security Team will be responsible for liaising with assigned business units on behalf of Corporate Information Security (CIS). These responsibilities will include understanding business-driven projects that involve network and information security, applications, networking and web based technologies. They will be responsible for understanding the Business Unit’s processes and priorities and working with them to manage business impact and threats, through a risk based methodology.

Ensures through positive engagement that business goals are met in a secure and compliant manner, according to industry standard regulations

• Make proactive assessments of threat information in and outside the public domain, understanding the threat as it relates to its customers, and implementing measures to combat the threat.
• Understand the operations of the business and comprehend how these create value and risk for the organization.
• Collaborate with team members, peers and the business unit management team to determine technical information security requirements, planned remediation, and advocate for the program to gain resources to implement appropriate protection technologies and processes.
• Implement and monitor controls necessary to ensure operational processes are performed and are effective to protect the environment from all forms of malicious cyber activity.
• Assist the Governance group in the development and refinement of technical security standards, key performance indicators and other necessary processes to maintain effective operational security, as it relates to the business.
• Make risk-based decisions on a daily basis that has the potential to impact our ability to operate and communicate.
• Ensure the information and network security controls for us are appropriate and operating as intended; includes solutions that are directly controlled as well as security solutions that are operated by other internal and external groups.
• Provide status reports on a weekly, monthly and quarterly basis to business managers and other management activities that demonstrate the health of the program.
• Interact with internal audit, third party auditors, and appropriate regulatory bodies.
• Support the Information Security policy lifecycle throughout, including all aspects of intake, creation, review, approval, implementation, publishing, communication and maintenance.
• Liaise with and assist outsourced security service providers with vulnerability assessments of business applications, systems and architectures.

• Strong technical, influential and organizational skills.
• Prefer six years’ experience in information security related discipline, in addition to several years’ relevant systems and/or network administration experience.
• Expert relationship building and partnering skills, including persuasion, negotiation and consensus building.
• Experience translating emerging IT and business trends into meaningful risk reduction opportunities.
• Demonstrated ability to work effectively in a complex matrixed environment.
• Outstanding verbal and written communication skills.
• Ability to interpret business strategy and align to appropriate security enhancements to achieve business enablement.
• Ability to translate security requirements into business risks and impacts.
• Experience with high level design Architecture, Firewall, Internet, LAN Router, Network, Protocols, Web Services and SOA.
• Strong understanding of encryption, obfuscation and/or tokenization technologies or compensating controls.
• Appropriate industry certifications, such as CISSP, CISA or CCIE.
• Preferred skill:
  Bachelor degree in Computer Science, Information Security, Information Management, or other related discipline.
• Telecommunications industry expertise, Six Sigma Training, Audit, Compliance & Network experience preferred.
• A broad, enterprise-wide view of the wireless (or similar) business and understanding of strategy, processes and capabilities, enabling technologies, and governance. Experience in telecommunications, internet service provider, or application service providers a plus.
• The…