The Security Integration Lead is the primary contact within their region for security work intake
Assist Attack Surface Management and Global Digital Connections teams when working with third parties locally on website/mobile security remediation
Escalate and report on security gaps/opportunities within the region to Sector BISO
Engage with key stakeholders to ensure that processes and initiatives operate within the documented security org framework, monitor security policy/standards compliance, and Information Security strategy is understood and communicated
The Security Integration Lead is the primary contact within their region for security work intake
Identify Stakeholder resistance and barriers and tighten thecohesion between business and Information Security
Develop and implement strategies for engaging business functions on information security matters and gain buy-in
Support and track sector-based security exception process and remediation
Onboard to and provide training on Information SecurityServices Requests (ISSR)
Partner with Manufacturing OT and IT teams for Information Security engagement activities and partner awareness
Develop content and present on Information Security programs, initiatives, awareness and risk in consultation withSMEs and functional capability owners
Engage BRM and Project owners throughout the project lifecycle as trusted advisor for ISSR service delivery and process management
Assist on the delivery of Cyber Security program initiatives within the regions through Information Security PMO and Compliance Lead alignment to manage sector security initiatives
Support of vulnerability remediation plan development and owner identification
Act as trusted advisor throughout exception risk management from exception initiation, stakeholder identification, mitigating controls, remediation plan recommendations, and sign-off activities
Responsible for educating business functions on Information Security services and processes
Perform local security awareness initiatives such as clean desk exercise to reinforce and promote security standards compliance
Supports IR in driving awareness and remediation of security compliance related incidents locally to include engagement of appropriate stakeholders
Support Data Protection Evaluation and Recertification program through BRM engagement and coordination of activities
Provide feedback on security requirements during planning cycles
Assist Security Assurance and project teams in securityrequirements' funding estimates for CAPEX/Projects
Collaborate with and support Third Party Security Risk Management team on assessments, issues, escalations and remediation
Be the security coach for sector DevSecOps teams
Qualifications
8-12 years of related IT Security technical and business interfacing work experience
Experience with security architecture, application risk analysis, vulnerability management, data classification, CIS Top20 Critical Controls
CISM, CISSP, GIAC certifications preferred
Well versed in NIST Cybersecurity Framework
Well versed in Agile development methodology and DevSecOps framework
Bachelorxe2x80x99s degree required
Written/spoken English proficiency required
Strong interpersonal and oral communication skills
Ability to translate highly technical information into plain language
High level of analytical and problem-solving abilities
Highly self-motivated and directed
Strong organizational skills
Excellent attention to detail
Experience working in a team-oriented, collaborative environment
Willing "can do" attitude
Ability to manage multiple priorities and work across multiple organizations and teams