This position is responsible for a given portfolio aligning Information Security (IS) services with business / ITG priorities and capabilities; serving as the IS single point of contact for the portfolio, ensuring transparency and accountability for all IS services supporting the business portfolio; understanding business / ITG strategies and working across IS teams to translate into IS risks, impacts and solutions; promotes the protection and security of the portfolio's data and client information, data, systems and intellectual property.
*Act as a business liaison and security evangelist to the ITG portfolios / business counterparts, identifying business needs and helping sell the business case for security.
*Understand and communicate business requirements and project timelines.
*Engage Security Design & Architecture team to understand security implications and plan project timelines.
*Understand security technologies & compliance policies.
*Prepares periodic cybersecurity reports for senior business management summarizing their risk posture.
*Interprets and translates the cybersecurity requirements/needs of the business into technical requirements.
*Helps to determine the appropriate levels of controls to safeguard sensitive data and validate those controls are being implemented.
*Collaborate with internal/external business partners to help develop and implement effective information security and privacy programs.
*Serve as an information security subject matter expert for business portfolio.
*Manage, monitor and track information security initiatives.
*Coordinates the information security compliance activities, including adherence to applicable laws and standards such as HIPAA, PCI-DSS.
*Facilitate risk remediation discussions with key stakeholders and SMEs.
*Provide business feedback into IS services, processes and capabilities for improvement.
*Responds to security events by initiating and coordinating emergency actions to protect the business unit from an imminent loss of information or value.
*Monitors changes in the risk profile of the highly critical systems.
Required Job Qualifications:
*Bachelors Degree and 10 years in Information Technology / Security.
*2 years of leadership experience with planning and managing security engagements.
*Understanding of business and IT priorities (e.g., vision), trends (e.g., industry knowledge) and markets (e.g., existing/ planned).
*Understanding of current and emerging IT risks.
*Understanding of business operations including products and services.
*Problem solving / analytical skills, tools and techniques.
*Customer relationship management.
*Experience with compliance requirements (ex. HIPAA).
*Experience interacting with business leadership teams and advising them on compliance risks and issues.
*Written and verbal communication skills, including the ability to present ideas and concepts effectively to management.
*Technical understanding of client/server technologies, virtualization, application management, security principles, data storage and data center.
*System and technology integration
*IT security standards, procedures, policies (e.g., Hippa).
*Portfolio-specific applications and technologies.
*Portfolio management skills.
*Ability to navigate organizational politics.
*Ability to influence / negotiate.
*Ability to understand and translate strategic vision into business language.
*Ability to recognize and drive need for change.
*Teamwork and collaboration.
Preferred Job Qualifications:
*Bachelors Degree in Computer Science, MIS.
Job ID: CM-1024503