Act as the interface between the technical disciplines and the business to carry out technically orientated security assessments, setting security requirements for new products and services, and also assessing compliance and risk.
Employer Profile
Technology center of a multinational telecom company.
Responsibilities
Main activities are in the are of Security Assessment and Compliance. This role bein in charge with overseeing and coordinating the internal systems auditing, in order to assure that products, infrastructure and services are secure and compliant with relevant internal and external standards before release:
Ensure that all global products, services, and infrastructure for Enterprise customers, consumers, or being used internally are secure by design and will meet an appropriate technology security level, and demonstrate that all potential risks are being mitigated to an acceptable level to in order to assure the confidentiality, integrity and availability of systems and data.
Work closely with the business and technology architecture teams, design and operations teams, and with the other security teams e.g. Risk & Compliance, Ethical Hacking, Security Operations, and Corporate Security. The role holder will also be required to manage external resource and coach Security Champions in the agile teams.
Provide advice and guidance to internal and external customers on security related matters.
Define, communicate and ensure that suppliers and third parties understand and comply with Group’s security standards.
Requirements
Good professional experience (3 to 5+ years) in the following fields or related to: information technology, Cyber security, DevSecOps (not necessary hands-on/operational).
Experience with security in agile ways of working.
Relevant experience with Security Audits, Security Assessment and/or Compliance.
Ability to explain complex technical matters to non-technical business executives. (The role, is expected to give clear guidance for implementing security controls in complex environments.)
Very good English skills (spoken and written).
Nice to have:(At least 2 of the following would represent a considerable advantage)
Knowledge/experience with securing of cloud environments (one or more in the area of AWS, GCP, Azure, OCI) incl. Kubernetes (KaaS) and connectivity, user access management, network infrastructure, CDaaS / IaaS / SaaS and penetration testing experience beneficial.
Knowledge and experience in DNS technology, Apache Kafka, CNI, Citrix env.
One or more of the following: CISSP, CISM, CISA, CRISC, ISO 27001 Lead Auditor, GIAC, TOGAF, SABSA or equivalent
University degree in Information Security or equivalent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.