Job title: Manager InfoSec Risk Management
Company: Philip Morris International
Job description: At PMI, we’ve chosen to do something incredible.
We’re totally transforming our business and building our future on smoke-free products with the power to deliver a smoke-free future
With huge change, comes huge opportunity. So, wherever you join us, you’ll enjoy the freedom to dream up and deliver better, brighter solutions and you will have the space to move your career forward in many different areas/directions.
IT at PMI
PMI’s journey to a smoke-free future implies a shift from a tobacco manufacturer to a science and technology-based consumer facing organisation.
Such a shift creates an abundance of unique and progressive IT projects to match all levels of skills and ambitions. You’ll feel like you’re working in a start-up – with the freedom to shape and define the future of digital, but with the support and scope of a vast global business. You’ll get a chance to work with pioneering technologies (e.g., Cloud, APIs, AI) as well as management practices (e.g., Agile, Design Thinking, Product Management). Our environment is fast-paced and highly collaborative. If you want the freedom to find new ways to connect with consumers, there’s no better place to progress your career.
Digital at PMI is dynamic, diverse, and innovative. Join us and become a part of a top talent team where you can bring new ideas to life in a global function that is a key driver of the success of our business.
Joining Information Security
Running at the forefront of PMI’s Digital Transformation, Information Security offers guidance, solutions and advisory all across PMI, supporting our secure journey towards a smoke-free future.
Our scope ranges from security assessments, architecture, governance and risk advisory, through resilience, cyber threat intelligence and incident response, to supporting PMI Functions, Markets, and Platforms (e.g. Finance, People & Culture, Operations, Consumer or Product) and building an organizational security culture.
What’s the purpose of this role?
- The purpose of the Manager InfoSec Risk Management is to lead the design, development, and enhancement of the enterprise IT risk management framework, closely aligned with internationally recognized risk management frameworks, and to foster a more risk aware culture in the IT organization.
Where we See This Role Going
- As we progress on our business transformation journey, the Manager InfoSec Risk Management will drive the adoption of risk-based decision making to facilitate our IT transformation
- The role actively participates in the definition and monitoring of the enterprise risk management framework with other risk assurance functions
- We see this role further growing with the function and the company, and are looking for an experienced profile with the clear willingness to design and build strong risk management capabilities within the IT organization
- Drive the strategy, design, adoption, and governance of risk management subject areas within IT worldwide operations and foster a risk balanced entrepreneurship within the IT organization
- Lead the communication, engagement, and escalation strategies with all internal customers & service partners to ensure alignment of operational plans and activities with enterprise IT risk management
- Drive the design and implementation of continuous governance of IT risk management standards and processes necessary for PMI to meet its current and future information security and risk management needs as defined either by regulatory requirements or consumer expectations.
- Provide continuous guidance and advisory to the worldwide IT organization to facilitate adherence to all PMI policies and guidelines on IT risk management.
- Provide training and awareness sessions on IT risk management and related tooling and processes to the worldwide IT organization
- Attract, develop and retain the best talent to build a flexible, agile and innovative team of IT risk management specialists supporting the organization in adopting risk-based decision-making culture
Who are you?
- Expert in risk management keen to develop a strong risk aware culture in the IT organization
- Trusted advisor to IT management on continuous monitoring of IT risk posture
- 5-8 years of experience in Information Security, IT Audit or IT
- Operational experience in deploying and maintaining IT risk management processes in large organizations based on leading industry standards such as ISO 2700x, ISF IRAM2, or FAIR methodologies
- Understanding of key IT delivery processes and business processes (ITIL, IT Operations, Enterprise Risk Management, Agile, Cloud Solutions, Project Management, B2C, B2B)
- Experience in multinational Co.
- Experience in Vendor Management
- Experience in Information Management
- Minimum 3 years of people management across global and multicultural teams
What is needed to succeed in this Role?
- Advise the IT organization and the wider business on IT risk identification, assessment, and treatment, including on the design of new processes and systems that meet professional risk management standards
- Maintain and renew a deep knowledge and understanding of the organization’s policies and procedures and risk management industry standards to drive the continuous evolution of the enterprise IT risk management framework
- Support the organization in the adoption of a risk-based decision-making culture to accelerate our business transformation, while handling risk and meeting regulatory compliance requirements as a part of a governance, risk, and compliance (GRC) framework
What’s in it for you?
There are many IT Organizations out there, so why should you join ours?
We believe PMI IT’s true strength is fuelled by our people, and that our success depends on them coming to work every single day with a sense of purpose and an appetite for progress. We are a people first organisation committed to providing you with first-class employee journey. Here’s a glimpse of what’s in it for you upon joining us:
- Work-life balance: Wellbeing comes first. We offer a fantastic office environment and hybrid working options to ensure you have the best work-life balance possible
- Learning & Development: Your growth is a priority. Our robust and varied learning & development ecosystem will help you strengthen your technical skills and enhance your soft skills and intuition for business. The capabilities you will acquire with us will support your life-time employability within IT, PMI, and beyond
- Inclusion & Diversity: Our differences – much more than our similarities – generate the innovation we are looking for. We aspire to build a diverse and inclusive organization to access the breadth and depth of thinking and sensitivity necessary to thrive
Every single IT colleague is part of our Transformation journey. Join us and pursue your ambitions – our staggering size and scale provides endless opportunities to progress. If this offer resonates with you, we look forward to receiving your application and getting to know you.
Together, let’s deliver a smoke free future.
Job date: Fri, 15 Jul 2022 00:12:16 GMT
Apply for the job now!