https://bayt.page.link/kq6M8Wx48Gqnr6mw7
Create a job alert for similar positions

Job Description

Overview The Infosec Lead is a strategic partner to the business and is responsible for supporting information security risk management and technical security analysis within the sector. This role requires a technical security expert to assess, mitigate, and remediate security risks, driving security initiatives within the sector and promoting security awareness. By fostering strong relationships with business units and collaborating with global security teams, the Infosec Lead will support cyber risk mitigation and drive a culture of security. Responsibilities Security Risk Management: Serve as the primary technical security contact within the business unit for risk analysis, gap identification, mitigation, and remediation. Manage security work intake for specific business units. Escalate and provide appropriate, informed recommendations on security gaps/opportunities within the region to Sector BISO Solution Delivery: Partner with sector and business unit deployment leads and information security solutions architects to deliver secure business solutions Vulnerability Management: Support vulnerability mitigation and remediation plan development. Collaborate with Attack Surface Management to understand security impacts of complex technical issues. Third-Party Security: Assist Attack Surface Management in assessing and remediating website and mobile security risks for local third parties. Third-Party Risk Management: Collaborate with the third-party security risk management team on assessments, issues, escalations, and remediation. Technical Expertise: Act as the technical subject matter expert on security initiatives. Leverage global security technologies to solve problems and support global project teams in testing, deployment, and execution. Stakeholder Management: Build and maintain relationships with key stakeholders to ensure alignment with security policies, standards, and strategy. Address stakeholder resistance and foster collaboration between business and information security. Business Engagement: Develop and implement strategies to engage business functions on information security technical matters. Gain buy-in for security initiatives. Incident Response: Provide support to the business unit during security incidents, in collaboration with the Global Incident Response function, and assist with after-action engagement programs and post-incident activities Security Requirements: Support security assurance and project teams in developing funding estimates for security requirements. Provide feedback on security requirements during planning cycles. Security Exception Management: Support and track sector-based security exception processes and remediation. Training and Awareness: Conduct information security assessments, educate business functions on services and processes, and develop content for security programs, initiatives, and risk awareness. Qualifications Bachelor’s degree required 10 + years as IT Security Architect/Engineer or similar experience Experience with security architecture, application risk analysis, vulnerability management, data classification, CIS Top 20 Critical Controls CISM, CISSP, GIAC certifications preferred Well versed in NIST Cybersecurity Framework Written/spoken English proficiency required

You have reached your limit of 15 Job Alerts. To create a new Job Alert, delete one of your existing Job Alerts first.
Similar jobs alert created successfully. You can manage alerts in settings.
Similar jobs alert disabled successfully. You can manage alerts in settings.