Senior Manager, Infrastructure Security

  • location: Knoxville, TN (remote)
  • type: Permanent
  • salary: $130,000 - $160,000 per year

job description

Senior Manager, Infrastructure Security

job summary:
The Senior Manager, Infrastructure Security is accountable for information and cyber security across the infrastructure and cloud domains globally (including networks, hosting, end user computing), across all its assets, in alignment with business and technology leaders and with our information security mission, strategy, direction, policies and standards.

This role also collaborates with the infrastructure domains in the selection, deployment and correct operations of security toolsets - this includes, network security (firewalls, IDS/IPS, network access control), endpoint security, data leakage prevention, cloud security posture management, and many others.

The goal is to enable a modern, cyber resilient infrastructure.

This role is part of a matrix organization - some of the assets belong to Business Groups (BG) where this role will partner very closely with the Business Information Security Officer (BISO) of the BG in achieving the objectives.

The role also has oversight on Corporate HQ infrastructure assets and teams, which provide services to the rest of our business groups. Here close partnership with global infrastructure is vital.

This role is responsible for the following:

  • Successful adoption of Global Security Services and for compliance to applicable standards and regulations (including Privacy).
  • The role is accountable for cyber and information security compliance across all infrastructure globally.
  • Global complexities in regulatory, financial, legal, and cultural conditions.
  • Generally limited existing organizational capabilities developed over the past 12 months, originating as reactions.
  • Generally fragmented legacy technical and organizational landscapes.
  • Requires deep subject matter expertise in cyber and information security solutions and commercial agreements, 3rd party managed services, SOC effectiveness and efficiency. Policy development and implementation, data and information security, SOX compliance, and cyber security improvements are all priorities.
  • Customer facing new digital initiative which has both security considerations (Infra, cloud physical mechatronics solutions) as well as GDPR.
  • Changing threat landscape. The attackers are getting more commoditized but also there's a lot of advanced threats, advanced persistent threats, facing the organization.
Key Responsibilities

  • Works with the IT Leadership Teams in infrastructure providing in-depth technical expertise on Cyber and Information security strategy.
  • Functionally directs teams of security professionals and management staff in the successful fulfilment of security delivery commitments.
  • Participate in the co-creation of enterprise-wise vision, strategy, and roadmap for information security.
  • Drive within infrastructure and in alignment with the Business Groups BISO an information security program which is intelligence-driven and risk based, in line with information security strategy.
  • Contributes to the development of information security policies, standards and guidelines in line with recognized international standards such as ISO27001 and NIST.
  • Evangelize information security and drive security awareness and training.
  • Stay abreast of relevant information security regulations and drive programs to ensure proactive compliance.
  • Acts as infrastructure focal point on security operations, incident response and forensic activities.
  • Ensure information security is embedded across infrastructure and ecosystem of partners.
  • Ensures adoption of our global security services and their fit for purpose within infrastructure.
  • Drive regular identification and remediation of vulnerabilities in line with the vulnerability management program
  • Drive cyber resilience and readiness across infrastructure.
  • Identify critical assets and ensure tiered risk-based protection across the footprint.
  • Provides input to our information security budget and ensures adequate budget allocation within infrastructure to fulfil the security roadmap and priorities.
Experience Required

  • 10+ years of experience with career progression.
  • Understanding of current and emerging threats and countermeasures and the organizational challenges to addressing these threats.
  • Understanding of best practice within Information Security and risk management including standards such as ISO/IEC 27001, Cyber Essentials and NIST.
  • A good practical knowledge of security technologies and wider business solutions including Firewalls, IDS/IPS, Identity and access management, SIEM, remote working and cloud technologies;
  • Experience in large business transformation, across business areas, countries and cultures;
  • Talent management and development.
Knowledge Required

  • Familiarity with relevant regulations, such as SOX, GDPR / data privacy, PCI-DSS, etc.
  • Relevant audit, risk or security certifications (e.g. CISSP, CISA, CISM, etc.)
  • Knowledge of international security framework and standards, such as ISO27001, NIST, CIS20, and assurance reporting standards such as ISAE3402.
  • Ability to build strong partnerships in a matrixed environment.
  • Excellent communication skills, written, verbal.
  • Ability to learn, grow and take on expanded duties as business needs evolve
  • Excellent leadership skills and ability to communicate and influence at all levels and inspire through leadership to develop individuals and teams.
  • Superb judgment and integrity, including excellent decision-making skills and a sense of urgency.
 
location: Knoxville, Tennessee
job type: Permanent
salary: $130,000 - 160,000 per year
work hours: 8am to 4pm
education: Bachelors
 
responsibilities:
  • Accountable for information and cyber security across the infrastructure and cloud domains globally (including networks, hosting, end user computing), across all its assets, in alignment with business and technology leaders and with our information security mission, strategy, direction, policies and standards.
  • This role also collaborates with the infrastructure domains in the selection, deployment and correct operations of security toolsets - this includes, network security (firewalls, IDS/IPS, network access control), endpoint security, data leakage prevention, cloud security posture management, and many others.
  • The goal is to enable a modern, cyber resilient infrastructure.
  • This role is part of a matrix organization - some of the assets belong to Business Groups (BG) where this role will partner very closely with the Business Information Security Officer (BISO) of the BG in achieving the objectives.
  • The role also has oversight on Corporate HQ infrastructure assets and teams, which provide services to the rest of our business groups. Here close partnership with global infrastructure is vital.
 
qualifications:
  • Experience level: Manager
  • Minimum 10 years of experience
  • Education: Bachelors
 
skills:
  • Infrastructure
  • SECURITY
  • NIST
  • Risk Management
  • ISO/IEC

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

get jobs in your inbox.

sign up
{{returnMsg}}

related jobs