IDT Security Digital Journey Security Advisory
British American Tobacco Polska IT
Warszawa, mazowieckie
6 d. temu
source : Diehl controls

IDT Security Digital Journey Security Advisory -Warszawa,mazowieckie

odBritish American Tobacco Polska IT

TYPICAL ACCOUNTABILITIES

  • Deliver effective & responsive consulting services on all aspects of risk, IT Security and technology solutions to Business and IT stakeholders,
  • Work with Programmes and Projects to provide advisory, design assurance and facilitating compliance with group’s IT security framework
  • Work with business and IT stakeholders to drive improvements in IT Security Risk position, Cyber Threats mitigation and compliance level, build understanding and advocacy network of IT Security discipline across the organization,
  • Work with architects and solution designers to incorporate appropriate security controls into end-to-end solutions
  • Provide consulting to projects during the analysis, design and build phases of projects, such that the solution designs being deployed meet minimum standards and are aligned to BAT strategy
  • Assess security adequacy of architecture & design of applications / infrastructure solutions
  • Participate in the development, maintenance and communication of overall enterprise IT security strategy and architecture
  • Build and maintain productive, collaborative relationships with stakeholders in IT and the business
  • Acting as an enterprise level consultant on all aspects of IT Security
  • CORE RELATIONSHIPS

  • This role will require an extensive network of stakeholders from across the IT and business functions which may be at a Global, Regional or End Market levels.
  • This role also requires particularly strong links with the all area of IT and Business
  • 3rd Party Vendors non-commercial supplier relationships focussed on operational / project activities
  • SKILLS, KNOWLEDGE, EXPERIENCE

  • In-depth knowledge and practice with business strategies, objectives, challenges and ways of working across at least few business functional domains (Marketing, Operations, Corporate Services, Finance, R&D, New Generation Products) and geographical domains (Regions, Commercial Units, Factories)
  • In-depth knowledge and practical application of IT Security and IT risk management principles and concepts with experience in reviewing application / infrastructure security architecture and design
  • Strong working knowledge of methods and best practice in compliance / risk management / IT Security with good understanding of the technical details of security threats and mitigating controls
  • Strong knowledge of development, design and project management methodologies and experience in reviewing application / infrastructure security architecture and design
  • Strong consulting and risk analysis skills, ability in problem solving, critical thinking and time management to drive balanced outcomes balancing business objectives with security risk and exposure,
  • Knowledge of development, design and project management methodologies with strong technical security background and broad experience in IT system and applications development and demonstrable ability to apply security controls to mitigate security risks in business solutions
  • Demonstrated experience translating the business impact of security risks into language that non-technical staff can understand
  • Knowledge of industry security, risk management and assessment methodologies and standards and applying them in a large enterprise environment - eg.
  • ISO 27000 series, NIST, OWASP, PCI DSS;
  • Strong and technical skills and demonstrable experience in a least one discipline; e.g. Microsoft, Oracle, Cisco, SAP
  • Thorough understanding of current and emerging IT and security technologies, security threats and trends
  • Strong technical security background and broad experience in system and applications support
  • Ability to put business challenges against proposals, and to assess their long-term business value.
  • Experience of working in a complex geographical / functional matrix organization.
  • Excellent written and communication skills including experience with an executive audience
  • Education : Bachelor’s degree
  • Professional certification in IT and Security preferred e.g. CISSP, CCSP, CSSLP, GSEC, SABSA, MCSE
  • 5 or more years of progressive IT Security, IT and architecture experience
  • Time to 100% productivity : 3 months
  • Aplikuj
    Dodaj do ulubionych
    Usuń z ulubionych
    Aplikuj
    Mój adres email
    Klikając przycisk "Kontynuuj", wyrażam zgodę neuvoo na przetwarzanie moich danych i wysyłanie powiadomień e-mailem, zgodnie z zasadami przedstawionymi przez neuvoo. W każdej chwili mogę wycofać moją zgodę lub zrezygnować z subskrypcji.
    Kontynuuj
    Formularz wniosku