This key role’s primary accountability is to protect ABB’s information assets, intellectual property and internal IT environment from cyber-attacks and security threats. Sub-departments under this position include: Infrastructure Security services, Vulnerability Management, Security Resilience Testing, Security Operations Center and ABB’s Security Defense Center.
This role reports directly to the Group IS Information Security manager (CISO), and includes:
Leading a global team of 60+ (of which c.40+ ABB internal, remaining external) security experts located across the Europe, Americas and Asia Pacific regions;
Defining and implementing Infrastructure Security Services i.e. End-point protection, Network Security, IAM, Cloud Security etc.;
Defining and implementing Vulnerability Management (Infrastructure and Application Scanning) and Resilience Testing services (Sec Pen Tests, Red Team & Ethical Hacking) across ABB’s global business networks;
Ensuring effective operation of ABB’s Security Defence Centre Team who provide Monitoring, Threat Intelligence and Incident Response services;
Establishing appropriate metrics and dashboards for the measurement and improvement of the department’s service;
Continuously improving and innovating Security service provisioning;
Strong financial acumen and a proven track record in budget management of c.$10m+ / year.
As a member of the global Security management team, this role will also contribute to the evolution of IS Risk and Security strategy.
Minimum 12 years’ experience in information security and/or information risk management in a large global organization;
Strong communication skills, with the ability to communicate at all levels within the organization;
Fluency in verbal English is required, excellent English writing skills are essential;
Strong information security knowledge and good network within the security professional community;
Experience in building large global organizations, with a strong service culture and effective remote people management skills;
Excellent knowledge of ITIL processes, Security and Auditor Certifications (CISSP, CISM, ISO 27001, CISA etc.) would be a plus.