Manager InfoSec Strategy and Planning

Philip Morris International ,
London, Greater London

Overview

Job Description

Be a part of a revolutionary change At PMI, we've chosen to do something incredible. We're totally transforming our business, and building our future on smoke-free products with the power to improve the lives of a billion smokers worldwide. With huge change, comes huge opportunity. So, wherever you join us, you'll enjoy the freedom to dream up and deliver better, brighter solutions and the space to move your career forward in endlessly different directions. PMI's journey to a smoke-free future is fuelled by technology. The total transformation we're going through means that there are unique IT projects here to match all levels of skills and ambitions - from pace-setting global pilot projects to vital local updates. Whether you want to pursue a personal passion or build an international career, there's space here to develop in any number of directions. Join us as Manager Information Security Strategy and Planning and you will be part of our IT Information Security & Data Privacy international team based in London. You will lead a team of highly experienced IT InfoSec strategy and planning specialists who are coordinating the definition and monitoring of the global information security & data privacy strategies, incl. budget and business alignment, coordinating global InfoSec program activities, and developing and maintaining global InfoSec awareness and InfoSec communication programs. Your 'day to day' Lead with the InfoSec & Data Privacy leadership team the definition and planning of key IT InfoSec and data privacy strategies and mid/long-term initiatives in liaison with the IT leadership team and aligned with the enterprise business strategies. Prepare a set of simple but impactful materials presenting, explaining and marketing these initiatives and strategies to various audiences Plan key InfoSec and data privacy mid/long-term initiatives supporting the InfoSec and Data Privacy strategies over a 12/24/36-month time-horizon with the InfoSec & Data Privacy leadership team and ensure funding and resourcing is correctly allocated to these initiatives in the IT budget. Continuously monitor actuals against budget to ensure timely execution of the strategies and rapidly identify any deviation against plan Ensure and demonstrate key InfoSec and data privacy mid/long-term initiatives are aligned with the InfoSec and Data Privacy strategies, and that the InfoSec and Data Privacy strategies are aligned with enterprise strategic priorities and enablers and address key enterprise risks. Support the definition and implementation of strategic, comprehensive information security and risk management programs. Manage a team of highly skilled IT InfoSec strategy and awareness specialists which will proactively supports other IT teams by providing clarification and guidance on InfoSec and data privacy key strategies and initiatives. Coordinate the design, evaluation, implementation, and development of new or updated InfoSec and data privacy awareness. Establish and maintain meaningful relationships with technology vendors and other business partners in this domain. Partner with other Information Security & Data Privacy teams to continuously identify new strategic initiative, collect feedback on existing ones, improve our strategies and communication to achieve higher levels of information security maturity. Who we're looking for Master's degree in computer/data science, finance, or business administration with a major in technology Professional certifications in Information Security or Cybersecurity (e.g. CISSP, CISM, CISA, CRISC, Certified in the Governance of Enterprise IT, ISO 27001 Lead Auditor/Implementer), Digital Marketing (e.g. Certified digital Marketing Professional, Professional Certified Marketer), or Strategy management (e.g. Strategic Management Certificate, Business Strategy Certificate, etc.) Demonstrated experience in defining and deploying IT strategic initiatives in modern IT environment comprising cloud computing, big data, DevOps, IoT, next-generation firewalls, identity & access management and data leakage prevention solutions Minimum 8-10 years of experience in forecasting, planning, budgeting or project management Minimum 5-7 years of experience in leading and evolving an information security or IT risk assurance discipline within a large organisation Considerable writing proficiency, story-telling and oral presentation skills, in English. Analytic skills, conceptual design skills and decision-making skills Proven track record in coaching, mentoring and developing technical staff, including providing career development planning and opportunities Good knowledge of industry and regulatory requirements (e.g. SOX, GDPR, PCI-DSS) Practical experience in Agile/DevOps organizations and cultures Highly collaborative, with ability to build relationships with colleagues from different cultures throughout the organization The job/role offer is subject to valid right to work in UK What we offer Our success depend