'%3e%3cpath d='M15.3069 13.1535H1' stroke='%23333333' stroke-width='1.4' stroke-linecap='round' stroke-linejoin='round'/%3e%3cpath d='M15.3069 8.15347H1' stroke='%23333333' stroke-width='1.4' stroke-linecap='round' stroke-linejoin='round'/%3e%3cpath d='M15.3069 3.30693H1' stroke='%23333333' stroke-width='1.4' stroke-linecap='round' stroke-linejoin='round'/%3e%3c/g%3e%3cdefs%3e%3cclipPath id='clip0_126_10407'%3e%3crect width='16' height='16' fill='white'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
Unilever - Information Security Innovation Manager
BangaloreBusiness Context and Main Purpose of the Job
- The Information Security Innovation Manager is primarily responsible for the engagement with IT innovation and architecture teams to ensure that Information Protection requirements are clearly understood, operating effectively and adequately managed for all new capabilities.
- The Innovation Manager must have an excellent understanding of both business requirements and all aspects of the Information Protection framework. Key to the role is senior stakeholder management within IT Innovation - acting as a single point of contact for IT capability owners.
- The innovation manager will manage a team of Information Security Innovation analysts and will also play a hands on role in ensuring control objectives are met
Main Accountabilities:
- To lead & manage a team of Information and IT Security SME's and to ensure that all Information Protection requirements are implemented in innovation activities and security related projects.
Governance And Engagement:
- Primary engagement for Information Security to a group of key senior stakeholders and to ensure that all Information Protection requirements are met in their key innovation initiatives.
- Manage senior stakeholder expectations with regard to Information Protection processes.
- Responsibility for all Information Protection aspects for several IT portfolios.
- Responsibility for the operation of Information Protection requirements in the IT innovation process, Business / IT engagement, Information Security standards, Security testing and key supplier management.
- Provision of all required reporting aspects to measure process compliance and provide assurance to senior stakeholders.
- Support the Director Information Security and work in partnership with the IT Leadership teams to develop and drive Security enabled IT delivery plans for the future.
- Collaborate with IT Security Operations, Information Security, Data Privacy and CTO teams to ensure alignment of plans and future requirements.
Innovation - Secure By Design:
- Define and operate the Secure by Design process to ensure that all new initiatives are appropriately identified and implemented with required Information Protection controls as part of a standard Software Development Life Cycle (SDLC).
- Analyse and report all Information Protection aspects for appropriate steering groups for relevant programmes and or key projects.
- Manage any non-compliance to Information Protection requirements and ensure that the impacts and risks are managed and understood by key stakeholders.
- Responsibility for the definition and implementation of any identified tooling required to operate the Secure by Design process.
- Measure and report Information Protection process & control compliance across the entire innovation portfolio.
Information Security Standards:
- Understand the corporate requirements related to security, legal and regulatory compliance, and ensure these are defined within current internal policies and standards.
- Work with Data Privacy and Legal teams to ensure Data protection and other regulation is embedded in security processes, standards and policies.
- Manage the process for the development, ratification and publishing of new security standards and control requirements across both the internal and external enterprise.
- Manage any non-compliance to control requirements through ongoing assessment and risk management processes.
Security Testing:
- Ensure that the right level of penetration testing happens for new projects and existing systems & infrastructure. Including assessment and management of results.
- Monitor and control scope and costs of penetration testing.
- Monitor and report key incidents and their corroboration with penetration testing and vulnerability management.
Team Management & Development:
- Responsible for managing a team of Information Security Subject Matter Experts, consisting of permanent and contractor resource.
- Responsible for the professional development of permanent team members.
Advisory:
- Offer internal consultancy advice and practical assistance on all matters relating to Information Security.
Essential:
- Team management, recruitment and development
- Minimum 5 years in an Information / IT Security management role.
- Minimum 5 years working at a middle management level in a large complex business environment requiring balanced risk decisions, technology decisions, and management of stakeholder pressures.
- Design, implementation and operation of all Information / IT Security processes.
- Working in roles requiring high level of technical standards, and operating within legislative and regulatory frameworks
- Implementing and managing Information Security assessments delivering positive outcomes and high trust to leadership.
- Achieving outcomes and results by influencing the way resources not in your control are utilised as well as in managing them directly
Key Skills:
- Professional qualification in information security - e.g. CISM CISSP or equivalent.
- Degree level education.
- Proven capability in the design, implementation and operation of Information Security control frameworks (e.g. ISO27000).
- Expert level understanding of all people, process, technical Information Security control requirements.
- Sound, broad knowledge of IT and business context.
- Understanding and knowledge of regulatory aspects of information security including data protection and SOX.
- Experience within a consumer goods or retail environment preferable.
- Excellent communication and senior stakeholder management.
Didn’t find the job appropriate? Report this Job
'%3e %3cpath d='M24 48C37.2548 48 48 37.2548 48 24C48 10.7452 37.2548 0 24 0C10.7452 0 0 10.7452 0 24C0 37.2548 10.7452 48 24 48Z' fill='%23333333' fill-opacity='0.8'/%3e %3cpath fill-rule='evenodd' clip-rule='evenodd' d='M22.5299 19.0115V19.5849V29.0154V31.5316C22.5299 32.3403 23.1967 33 24.004 33C24.8114 33 25.4784 32.3358 25.4784 31.5316V29.0154V19.5849V19.013L29.4885 23.0077C30.0627 23.5795 31.0044 23.5743 31.5733 23.0077C32.1421 22.441 32.1423 21.4975 31.5735 20.9308L30.1054 19.4684C30.0891 19.4504 30.0724 19.4329 30.0551 19.4156L25.0837 14.4634L25.0479 14.4264C24.9234 14.3024 24.7807 14.2055 24.6281 14.1358L24.5952 14.1212C24.5751 14.1126 24.549 14.1022 24.5286 14.0946C24.0039 13.8983 23.3839 14.0068 22.9622 14.4268L22.9533 14.436L21.4743 15.9093C21.4615 15.9211 21.449 15.933 21.4367 15.9452L16.4286 20.934C15.8598 21.5008 15.8545 22.4389 16.4286 23.0108C17.0027 23.5826 17.9394 23.5827 18.5135 23.0109L20.0019 21.5283C20.0147 21.5164 20.0274 21.5043 20.0399 21.492L22.5299 19.0115ZM24.5952 14.1212C24.5751 14.1126 24.549 14.1022 24.5286 14.0946L24.5952 14.1212Z' fill='white'/%3e %3c/g%3e %3cdefs%3e %3cclipPath id='clip0_99_1825'%3e %3crect width='48' height='48' fill='white'/%3e %3c/clipPath%3e %3c/defs%3e%3c/svg%3e "Scroll Up"){kind=small}