Senior Informational Security Manager

The role is responsible for all efforts to reach a state of continuous compliance by partnering and engaging with our technology, business, and brand teams to adhere to policies, reduce security risks and maintain compliance. Part of overall duties is to establish, maintain and advance the information governance framework.

Key Responsibilities

Enterprise IT Governance:

• Reviews current and proposed information systems for compliance with the organization’s obligations (including legislation, regulatory, contractual and agreed standards/policies) and adherence to overall strategy.
• Provides specialist advice to those accountable for governance to correct compliance issues. Information Governance
• Ensures implementation of information and records management policies and standard practice.
• Ensures effective controls are in place for internal delegation, audit and control relating to information and records management.
• Assesses and manages risks around the use of information.
• Provides reports on the consolidated status of information controls to inform effective decision making.
• Recommends remediation actions as required.
• Ensures that information is presented effectively.

Information security:

• Provides advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.
• Obtains and acts on vulnerability information and conducts security risk assessments, business impact analysis and accreditation on complex information systems. Investigates major breaches of security and recommends appropriate control improvements.
• Contributes to development of information security policy, standards and guidelines.
• Interprets information assurance and security policies and applies these in order to manage risks.
• Provides advice and guidance to ensure adoption of and adherence to information assurance architectures, strategies, policies, standards and guidelines.
• Uses testing to support information assurance.
• Contributes to the development of policies, standards and guidelines.

Business risk management:

• Carries out risk assessment within a defined functional or technical area of business.
• Uses consistent processes for identifying potential risk events, quantifying and documenting the probability of occurrence and the impact on the business.
• Refers to domain experts for guidance on specialized areas of risk, such as architecture and environment.
• Co-ordinates the development of countermeasures and contingency plans.
• Continuity Management
• Implements and contributes to the development of a continuity management plan.
• Coordinates the assessment of risks to the availability, integrity and confidentiality of systems that support critical business processes.
• Coordinates the planning, designing, and testing of maintenance procedures and contingency plans. Quality Assurance
• Contributes to the collection of evidence and the conduct of formal audits or reviews of activities, processes, data, products or services. Examines records for evidence that appropriate testing and other quality control activities have taken place and determines compliance with organizational directives, standards and procedures. Identifies noncompliances, non-conformances and abnormal occurrences.

Conformance review

• Conducts formal reviews of activities, processes, products or services.
• Collects, collates and examines records as part of specified testing strategies for evidence of compliance with management directives, or the identification of abnormal occurrences.
• Analyses evidence collated and drafts part or all of formal reports commenting on the conformance found to exist in the reviewed part of an information systems environment.

Relationship Management

• Implements stakeholder engagement/communications plan.
• Deals with problems and issues, managing resolutions, corrective actions, lessons learned and the collection and dissemination of relevant information.
• Collects and uses feedback from customers and stakeholders to help measure effectiveness of stakeholder management.
• Helps develop and enhance customer and stakeholder relationships.
• Is involved in recruiting process and proposes support for hiring decision and pre-selection of candidates
• Allocates the different work to the respective employees considering experience, complexity, workload and organizational efficiency
• Continuously monitors and evaluates team workload and organizational efficiency with the support of IT systems, data and analysis and team feedback and makes appropriate changes to meet business needs.
• Provides team members/direct reports with clear direction and targets that are aligned with business needs and GIT objectives

Key Relationships:

• Global IT
• Respective business function (GOPS, Finance, HR, Brand Marketing, Wholesale/Retail)
• HR Management
• Controlling Requisite

Experience:

• University degree with focus on Business Administration or IT or related areas, or equivalent combination of education and experience
• Proficient spoken and written command of English
• At least 7-year experience in IT
• 5 years of experience in relevant area
• 2 years of experience in team management
• Strong understanding & knowledge of regional and global market landscape and the respective customer
• Managed critical elements and cross functional and regional project

• Possibility of development in a worldwide international company;
• Work with a highly professional and friendly team;
• Company subsidized lunches;
• Sports club membership;
• Discount on company products;
• Free parking area;
• 10-15 minutes on a corporate transport from m.1905/m. Krylatskaya.