

Manager, information security and risk management - All Locations


Company: Nokia Siemens Networks
Location: All Locations
Category: Healthcare
Required education: Bachelor's Degree

Main Responsibility Area

Responsible for cost-effective and high-quality delivery and management of security services (primarily Information Security & BCM). Acts as customer interface towards line managers to implement global security services and solutions to meet local customer needs, legislation and security threats. Acts as a program or project manager in regional security projects. Has local budgeting responsibility for security costs.

Position Description

Main Responsibility Areas and Key Tasks

- Leads regional Information Security strategy creation, development and implementation.

- Carries out various types of risk assessments/reviews on key business processes.

- Ensures continued compliance with ISO27001 and other relevant standards where Info Sec and Risk Mgt are required (SAS70, OHS18001 etc.).

- Maintains working relationship with government authorities to ensure company compliance with government regulations and directives.

- Coaches regional team to deal with the rapid changes in order to align information security strategy and service with business needs.

- Manages and monitors implementation of regional plans and people management processes.

- Promotes competence and service development within own team and region.

- Identifies development opportunities and provides best practice inputs into development of Corporate Health, Safety and Security services, solutions, processes and tools.

- Ensures implementation and use of new HSS solutions and processes in a consistent way in co-operation with other Corporate Functions, including efficient communication and change management.

- Liaises with regional Business Management, industry-wide joint groups, security and law enforcement agencies as well as government officials.

Key tasks for Information Security:

Information Security awareness among employees and promotion of e-learning awareness.

Induction sessions on Information Security for new joiners.

Support to and liaison with Business Information Security teams on Information Security requirements.

Supporting customer (Bharti, Vodafone, Tata etc.) requirements for Information Security compliance.

Solution provisioning/ proposals for Managed Services and Managed Services’ low cost business.

Cooperation with IT in devising and implementing new solutions and related strategy.

Support in pre-bid related activities on Information Security and Business Continuity.

Assessment of key collaborators for IT, Information Security compliance to NSN standard processes.

Key tasks for Risk management:

Business liaison and support on customer related Business Continuity requirements.

Support to Business units on training and continual learning of nominated Business Continuity Management coordinators.

Risk assessment for BU/critical sites on regular basis and proposing/developing mitigation mechanism.

Facilitation of Business Continuity plan creation processes for critical Business Units and sites.

Business case preparation for risk mitigation mechanisms and cost/benefit analysis.

Continual evaluation of BCM plans and understanding of the BCM maturity model.

Conducting crisis management table top exercises.

Conducting drills and evacuation exercises.

Position Requirements

Individual Portfolio & Competencies

Professional qualifications: University degree, e.g. for Engineering in Electronics or Computer Sciences.

Certifications in Information Security/ IT security (CISSP/CISA/ ISO 27001 etc.) and for Business Continuity (BS25999, ABCP/CBCP etc.) are needed. Having published some advanced studies regarding business or security is desired. 

This person is a recognized thought leader. Fluency in written and spoken English is required, a second or third language is an advantage.

Experience: A manager with sound practical understanding of global business under cultural diversities is essential.

Recognized expert in the fields of Information Security and Risk Management, in depth & breadth. Typically 5 - 7 years of relevant experience.

Understanding of business, experience in similar domain preferably telecoms industry, prior expertise in IT/ Information Security, Business continuity, ability to work in virtual environment, strong communication and negotiation skills.

Experienced and knowledgeable in the following array of services as well:

- Crisis Management plan development, training and deployment, risk analysis, safety

- Business continuity planning

- Physical security and loss prevention

- Managing security assessments, audits and presentations

The candidate must have planning ability together with budgetary control skills and experience of managing people in a multinational environment. Relevant experience in stakeholder management internally as well as with the customer.