Security Compliance Manager
at Diageo
Budapest, Közép-Magyarország, Hungary
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 08 Nov, 2024 | Not Specified | 09 Aug, 2024 | 6 year(s) or above | Mitigation, Strategy, Metrics, CISA, Cloud Security, Exceptions, Control Framework, ISF, Project Management Skills | No | No |
Job Description:
Purpose of Role:
The purpose of the role is to ensure the right security policies are in place with the right level of requirements, following Diageo’s risk appetite and tolerance. The role has to ensure that there is sufficient oversight of the embedment of the policy requirements in line with the IT Security & Control framework, and that non-compliances and exceptions are managed. Risks and strategy are aligned with our policies.
- Ensure security policies are in place, up to date and follow the framework of choice (NIST, ISF, ISO27x)
- Set up and monitor metrics to inform management on the embedment of the policies
Ensure that every function in Diageo has the right level of awareness of these requirements working with the IM&S outreach team.
Top 3-5 Accountabilities:
- Maintain and regularly update IM&S security policies, standards and guidelines.
- Define governance and monitoring requirements for policies
- Define process to manage exceptions to defined requirements
- Own and continuously improve policies and processes in relation to requirements set out in policies and exceptions
- Ensure stakeholders are fully aware of the level of embedment
- Work with other D&T functions and, within IM&S, namely security solution architects, risk leads and communications, to identify potential improvement areas and increase the security maturity of Diageo
- Ensure potential gaps are highlighted and action plans are created and agreed with other D&T and IM&S stakeholders
- Drive the remediation of identified gaps, ensure timely delivery
- Assess changes in external regulatory landscape and their impact on our internal requirements
- Help with training and awareness by developing a security awareness training program for employees
Capabilities:
- Cyber security
Has a deep understanding of security concepts and principles and can apply them in real-world scenarios
- Risk and control effectiveness
Has a deep understanding of critical business processes and controls and uses wide experience to identify priority risks for the business. Actively applies leading edge audit capabilities to generate insights into business issues and deliver high quality solutions.
- Risk evaluations and mitigation
Proactively leads the development of highly effective and creative risk mitigation approaches and communicates value of the discipline to the business. Utilises a highly effective style of facilitation.
- Commercial understanding and judgement
Able to use extensive knowledge of Diageo business and the external environment to anticipate business issues. Constantly demonstrates ability to influence strategic decisions across the business.
- Consulting
Generates insights into issues quickly, prioritises effectively and develops solutions that drive the business forward. Highly valued for ability to deliver independent and unbiased advice. Respected for personal stance and ethical approach.
- Conceptual and analytical rigour
Identifies how best to analyse strategic options, chooses and applies the most appropriate tools/techniques. Participates in leading the business in the selection of the right strategic options. Leads others through the creative process of developing alternatives to strategic issues.
- Be authentic
Build great relationships with those you work with, both internally and externally
- Consistently deliver great performance
Have a positive outlook; channel your energy into finding opportunities and solutions even in times of uncertainty and ambiguity
Qualifications and Experience Required:
- Information Systems / Information Technology degree
- Excellent English, both written and spoken
- Minimum 6-8 years of Cyber Security experience
- Risk mindset: ability to identify risks and apply them to broad areas
- Ability to communicate in an effective way
- Good prioritisation, sense of urgency and problem-solving ability
- Good project management skills
- Experience with advanced Microsoft tools is an advantage (Power BI, Power Apps)
- Knowledge of cloud security and compliance (e.g. Azure, AWS)
- Security qualification (e.g. CISSP, CISA, CISM, SANS, etc.) is a plus
Worker Type :
Regular
Primary Location:
Budapest
Additional Locations :
Job Posting Start Date :
2024-08-0
REQUIREMENT SUMMARY
Min: 6.0, Max: 8.0 year(s)
Information Technology/IT
IT Software - Network Administration / Security
Other
Graduate
Information Systems, Information Technology, Technology
Proficient
1
Budapest, Hungary