JOB DESCRIPTION
As Business Security Leader (BSL), you will be a part of the Global Security team, helping the business improve its information security posture with respect to delivering on commitments to our clients, as well as reducing risk both inside client accounts and throughout the country as a whole. You will work closely with the business and clients to drive findings to remediation. This will be achieved by understanding the key assets and processes, identifying the risks and controls, evaluating the residual risk and suggesting incremental controls, as and where appropriate. Your role as BSL will be to engage with the business unit, acting in a consultative way to ensure security policies are being adhered to and incorporated into their processes and procedures, providing valuable guidance and assistance in solving real business problems.
Areas of Responsibility
- Ensure consistent adoption of Concentrix Information Security Policy and Standards across business unit(s)
- Ensure that appropriate visibility of non-compliance is raised to country executive leadership and partner with the business to remediate findings
- Proactively identify information security deficiencies or opportunities for improvement and facilitate the development of pragmatic solutions to drive consistency country-wide
- Act as a trusted business executive focal for all things Global Security (excluding physical security)
- Engage with clients and customers as needed to assist the business in the attainment of objectives
- Provide regular, timely reporting on information security initiative status across supported business units
- Performing information security reviews and security governance compliance assessment preparation for in scope standards such as: ISO270001, PCI, etc.
- Be “part of the business unit” team and act in a consultative way to help business improve its security posture and adhere to security policies and expected controls
- Ensuring new accounts, services, third party or client relationship, etc. have appropriate security controls embedded and that the risks are appropriate addressed
- Participate in BU and client facing engagements and present as needed
- Assist business in managing and preventing future incidents
Accountability
- Primary contact for security matters in country/region as appropriate
- Accountable for local implementation of country-specific global security strategies and initiatives
- Delivery of established Global Security metrics as well as all visibility enabling initiatives, country-wide
- Study the contracts signed with Clients, and validate continuous contractual compliance for all controls, both physical and logical.
- Accountable to drive identified account (client) and internal (corporate) risks, in partnership with key stakeholders, through to remediation or risk sign-off
JOB REQUIREMENTS
Skills & Requirements
- A strong consultative background Security solutions for business problems (Security risk and governance)
- Excellent communication/presentation skills including the ability to translate technical/security issues to business users
- Ability to communicate to and influence senior management
- Excellent Leadership skills with the ability to independently lead virtual teams to deliver results
- Self-motivated, willingness to take on challenges and adaptability to change and manage changing priorities
- Process Driven and an eye for detail
- A sound understanding of security best practices and international standards such as ISO2700 and PCI DSS
- Good understanding of key network and technical security controls
- Security Training and Awareness and Security Incident Management knowledge experience
- Demonstrable experience of driving operational implementation of risk reduction initiatives, across business units, using influencing and security skills
- Demonstrable experience of working within regulated environments
Certification(s)
Certified or willing to certify (within the first 6 months): CISA, CISM or CISSP