Assistant Manager Information Security Functional Platform
Bengaluru (Bangalore Urban) IT development
Job description
MAIN JOB PURPOSE
It is our Secure by Design Team that assess the security of new IT Solutions and it is within this team that we are recruiting for an individual to partner our Core Business Operations and Information & Analytics (I&A) IT Platforms. The role will report into the Information Security Functional Platform Manager for Core Business Operations and Information & Analytics (I&A).
JOB SUMMARY
Within the scope of responsibilities, the Functional Platform Information Security Analyst is responsible for
Engagement
· Partnering the IT Platform Teams for Global Supply Chain, Global Finance, Core ERP and I&A in relation to all aspects pertaining to Information Security.
· For platforms leveraging SAP, forging a close working relationship with the Solution and GRC Platform Team, that oversees the Security of our SAP estate.
· Understanding respective technology roadmaps for the functions stated above and being aligned with upcoming projects and innovations.
· Working with the respective IT Platform Teams to ensure that key Information Security and Privacy Regulations land effectively, for example, ensuring that the General Data Protection Regulation (GDPR) is adhered to.
· Manage project and stakeholder expectations pertaining to Information Security processes.
Technology Awareness
· Developing a good working knowledge in relation to the Applications and Foundation Platforms being used within our Global Supply Chain, Global Finance, Core ERP and I&A organisation.
· Understand key Information Security considerations in relation to these Applications and Platforms, including key themes around Info Sec pertaining to Cloud Services.
· Understand key Information Security considerations in relation to the SAP landscape.
· Understand key Information Security considerations in relation to I&A (Business Intelligence) technologies, for example, Azure Data + Analytics landscape and Tableau.
· In relation to the technologies above, building knowledge and understanding in relation to the IT Security controls around these products.
Secure by Design
· Support our Global Supply Chain, Global Finance, Core ERP and I&A organisations through relevant Information Security processes.
· Take a lead in progressing new projects through the Secure by Design (SBD) processes, for example, leading Criticality Assessments and driving Information Security Assessments to completion.
· Support the projects in meeting requirements from Information Security compliance and provide support in relation to sign-off prior to go-live of the projects.
· Manage any non-compliance to Information Security requirements and ensure that the impacts and risks are documented, managed and understood by key stakeholders.
· Ensure that compliance KPI for platforms are available and that these are shared with platform teams including ownership for resolving issues.
· Ensure that solutions are appropriately handed over to the Information Security Operations Team.
Crown Jewels & KFAS
· Support the Platform Team and Information Security Functional Platform Manager in designing and delivering Crown Jewels reporting.
· Lead remediation activities across platform team to ensure appropriate compliance levels, with regular reviews and health assessments in place.
· Support the identification, assessment and remediation activities related to Security Controls around our Key Financial Analysis systems (KFAS).
KEY REQUIREMENTS
Skills and competencies
· Strong communication and stakeholder management at management level.
· Proven ability to influence others, especially outside of an Information Security audience.
· Excellent time management, prioritization of tasks and quality of delivery.
· Working with geographically distributed teams.
· An understanding and knowledge-base in relation to a quorum of technologies identified above.
· An understanding and knowledge-base in relation to Cloud (PaaS and/or SaaS) solutions.
· Understanding of Information Security control frameworks (e.g. ISO27000) or relevant Data Regulations (such as European Data Protection Regulation or EU GDPR) would be an advantage.
Relevant experience
· Experience of working within an IT function partnering Global Supply Chain, Global Finance, Core ERP and/or I&A (Business Intelligence) functions within a large organisation will be an advantage.
· A sound and broad knowledge of all, or a subset, of the technologies highlighted throughout this role profile. The applicant should have either have worked within Information Security or have a distinct and demonstrable passion to enter an Information Security role.