Job Title:  IT Security Advisory Associate Manager

Job Number:  1671

 British American Tobacco (BAT) is one of the world’s leading consumer goods companies, with brands sold around the globe. We employ over 55,000 people globally, partner with over 90,000 farmers and have factories and offices all over the world.  

The CISO office centralises the global security and IT compliance functions for the BAT Group, covering policy definition as well as compliance, management of security technologies and services, security advisory functions and incident response.   

 

IT Security Advisory Associate Manager

 

 

Responsible for ensuring that an adequate level of security controls and consideration is integrated into all new project and solution implementations to align with BAT’s Security policies and standards, ensuring all security processes, systems and protocols are aligned to agreed standards.

 

This is not an audit or compliance focused role. The consultant would be expected to provide pragmatic information security advice, as well as perform project assurance activity to ensure the solution built and delivered meets business outcomes and facilitates compliance with the Group’s Security Policy, Framework and target risk position.

 

KEY RESPONSIBILITY: 

 

·         Deliver effective & responsive consulting services on all aspects of enterprise risk, information security and technology solutions

·         Work on enterprise-wide projects to provide advisory and design assurance and facilitate compliance with the Group’s IT security framework

·         Work with architects and solution designers to incorporate appropriate security controls into end-to-end solutions 

·         Provide consulting to projects during the analysis, design and build phases of projects, such that the solution designs being deployed meet minimum standards and are aligned to BAT strategy 

·         Conduct service continuity, data protection & security assurance for projects, IT Services and third-party providers, and ensure adequate security controls are embedded within solution design throughout the project initiation, development and testing phases.

·         Ensure security criteria are established during vendor selection and in third party agreements and that an appropriate level of IT security and service delivery are provided by vendors and third-parties 

 

 

 KEY RELATIONSHIPS  

 

·         Business & IT stakeholders  

·         PMO and project delivery 

·         Wider IT & Security team 

·         External auditors & 3rd Party Vendors  

 

 

SKILLS AND ATTRIBUTES 

 

Qualifications and experiences 

 

·         University degree in technology or a related discipline 

·         Professional certification in IT and Security preferred – e.g. CISSP, CISA or CISM 

·         3 or more years of progressive information security, IT or architecture experience 

·         A good working knowledge of methods and best practice in compliance / risk management / IT Security with good understanding of the technical details of security threats and mitigating controls 

·         Knowledge of development, design and project management methodologies and experience in reviewing application / infrastructure security architecture and design  

·         Good consulting and risk analysis skills, ability in problem solving, critical thinking and time management to drive security outcomes with both business and technical staff 

·         Experience translating the business impact of security risks into language that non-technical staff can understand 

·         Technical security background and broad experience in system and applications support and demonstrable ability to apply security controls to mitigate security risks in business solutions 

·         Experience of working in a complex geographical/functional matrix organization 

·         Skills in relationship management and influencing at all levels of the organization  

 

Other Attributes 

 

·         Knowledge of industry security, risk management and assessment methodologies and standards and applying them in a large enterprise environment - e.g. ISO 27000 series, NIST, OWASP, PCI DSS

·         Good understanding of current and emerging IT and security technologies, security threats and trends  

·         Exposure and demonstrable experience in at least one discipline; e.g. Microsoft, Oracle, Cisco, SAP

·         Excellent written and communication skills including experience with non-technical audiences



Job Segment: Assistant Manager, Consulting, Database, ERP, Oracle, Management, Technology
