HAVI / TMSW

  • Senior IT Security Manager

    Location
    UK-London
  • Overview


    HAVI is a privately held global company that innovates, optimizes and drives the supply chains and marketing promotions of many of the best known brands in the world. When you work at HAVI, you have a chance to make your mark – to be a part of work that drives value, brings a smile and keeps everyday life moving forward. Which means it’s not the size of our global footprint, but rather your personal fingerprint, that has the power to make a real difference for our customers… and to touch the lives of people both at home and around the world.

    Responsibilities

    This position is an active member of HAVI's Global Security Office responsible for leading, directing and coordinating compliance, security management, security program and project governance, along with continuous improvement efforts within the Global Security Team, the security group of HAVI's Global Information Technology Organization. This role leads and mentors direct reports and team members, ensuring that each discipline is positioned to be successful in meeting both customer and business goals, while complying with HAVI’s standards and practices.

     

    The role will manage security compliance and dependencies across the disciplines and organization.

    Responsibilities include the following:

    • Contribute to development and continual improvement of HAVI’s security policies, standards and guidelines. Identify the business need for new security documentation and oversee its development and implementation.
    • Monitor and assess processes, as well as control activities, to ensure compliance with security policies, as well as applicable state and federal regulations.
    • Serve as a subject matter expert on administrative, physical and technical security controls required for security compliance. Coordinate and/or oversee implementation of security controls.
    • Implement an information security management system as determined by business needs. Oversee the program and coordinate any ISO 27001 certification activities.
    • Provide guidance to internal customers on security compliance topics such as PCI, HIPAA, SOC 2 attestation, and ISO 27001 certification.
    • Conduct audits of key processes and controls, gap analyses, and risk assessments to assess control operating effectiveness, as well as evidentiary adequacy. Interface with corporate governance, internal and external auditors; this function is the focal point of internal, external and customer security audit requests and testing.
    • Coordinate evidence production on request, research issues with staff, coordinate availability of resources and systems, and ensure the technical and record keeping infrastructure is ready for each audit cycle.
    • Participate in security awareness initiatives and publish security bulletins, newsletters, etc.
    • Mentor team and direct reports in compliance responsibilities, while providing appropriate communication, education, and expertise to management, associates and, where applicable, customers.
    • Managerial duties include hiring, training, objective setting, performance reviews and professional development of team members.

    Desired Skills & Experience

    Essential Job Function:

    • Demonstrate thought leadership regarding essential security risk and compliance concepts, processes, and procedures and their impact on IT and business processes.
    • Participate in compliance initiatives such as internal and external audits, client security RFP responses, client security contractual reviews, and security certification initiatives.
    • Implement improvement program for risk and compliance processes.
    • Promote business partnerships regarding risk issues with executives, auditors and vendors.
    • Maintain a leadership support role in information security governance, including the budgeting and resource planning cycles.
    • Demonstrate interpersonal, presentation, and leadership skills required for gaining commitment from the organization to take appropriate next steps and to follow up on actions and commitments.
    • Review and/or oversee the development of department processes.
    • Handle and resolve security-related incident escalations.
    • Working knowledge of vulnerability management, secure coding and systems development.

    Skills:

    • Good communications skills: oral, written and listening
    • Presentation skills
    • Ability to coach, supervise and assist staff with personal development
    • Strong judgment and decision-making skills
    • Working knowledge of project management methodology inclusive of project estimating, resource planning, budgeting, time and cost estimation, monitoring and quality concepts.
    • Ability to work effectively with business area management and staff
    • Travel: This position will periodically visit other offices; will require domestic or international travel.

     

    Education & Certifications

    • Undergraduate degree (or equivalent), preferably in Computer Science, Information Systems, or a related field; relevant working IT experience considered.
    • Education and experience should also include auditing and/or operational risk management exposure
    • Security certification such as ISMS Lead Auditor, ISMS Lead Implementer, CISA, CISM or CISSP strongly preferred

     

    Experience

    • At least 10 years of IT and/or information security-related experience, including at least 5 years audit, risk or compliance experience
    • Familiarity with general information security controls, processes and principles
    • Prior people management experience

    Benefits

    Our total rewards philosophy integrates programs for compensation, benefits, recognition, learning and development, corporate culture, corporate citizenship and work-life balance. While individual program components may differ by country, some things remain constant:

     

       …our commitment to rewarding results

       …the opportunity to work with talented and driven individuals at every level of our company who respect each other, treat each other fairly and hold one another accountable for our customers’—and our company’s success

     
