Description
PRIMARY FUNCTIONS/RESPONSIBILITIES
- Work cooperatively with external partners to improve adherence to security policy across all infrastructure managed by partners.
- Act as central interface and escalation point to businesses and external hosting partners for all operational security tasks and processes
- Work cooperatively with other security organizations inside the company on security incident management
- Work cooperatively with businesses to educate and drive awareness of security policies not being adhered to.
- Process manager or participant in several IT related processes (ie Identity and Access Management Process).
- Participate in process reviews with a focus on driving process improvements to improve efficiency and security.
- Participate in regular infrastructure patch board meetings to assess priority and criticality of security related patches.
- Work collaboratively with service line managers to enhance and mature security related features of the services.
- Drive remediation efforts around regulatory compliance with regards to infrastructure security.
- Work collaboratively with corporate security and information governance teams to establish corporate wide security policies.
- Participate in IT projects and/or manage external vendors in projects to ensure operational security requirements and issues are addressed.
- Stay aware and abreast of all infrastructure security related news and developments.
- Participation in regulatory and/or vendor audits involving security
KEY PERFORMANCE INDICATORS/MEASURES OF SUCCESS
- Improvement in the number of security policy failures across all infrastructure.
- Reduced amount of audit failures involving security.
- Improvement in security related patch adherence.
- Reduced number of vendor risk notifications involving infrastructure risks
JOB DIMENSION
- Responsible for global events, incidents, and projects involving infrastructure security
- Collaboration with global information governance teams in establishing security policies related to IT infrastructure, including but not limited to things such as security baselines and best practices
EDUCATION/EXPERIENCE
- 10+ years in IT security or related field
- Demonstrated experience in Operating System security for Windows, Linux, and Unix variants
- Demonstrated experience in virtualization and related security concerns
- Demonstrated understanding of network infrastructure and network security
- Graduate degree in computer science or related field, or equivalent work experience
- Ability to manage small teams and projects