Information Security Manager
Join a team of passionate thought leaders in a dynamic and collaborative environment! Microsoft Business Group Information & Cyber Security
team is growing fast and we're looking for our next Information Security Officer
to join us.
ROLE DESCRIPTIONWhat impact will you have in this role?
The Information Security Officer is responsible for ensuring appropriate controls are in place for the security of MBG information assets. The Information Security Officer safeguards information by highlighting risks, assessing the criticality of those risks and ensuring that they are accurately reported. The Information Security Officer is a leader within the organization as to providing an advisory service role and acting as a focal point for security and compliance related activities and responsibilities. This position will play a key role in managing the company's security posture, developing IT security policies, and forming controls over the company's information.
In this position, we a looking for someone who can work both with the technical side of our environments as well as the policy side.What will you be doing day-to-day?
What experience do you need to be successful in this role?
- Assist in enforcing enterprise-wide information security policies and procedures. Ensure policies and procedures are communicated to all applicable personnel and compliance is enforced on an ongoing basis.
- Ensure appropriate administrative, physical and technical safeguards are in place to protect MBG's information assets from internal and external threats
- Perform projects that span both technical and security workstreams to ensure the advancement of MBG's security posture.
- Meticulously identify, introduce, and implement appropriate procedures, including checks and balances, to test these safeguards regularly.
- Monitor threats and take preventive measures as needed. This may include monitoring and responding to specific security vulnerabilities and any intrusion-based threats within the MBG's environment, network, host systems or proprietary applications.
- Identify, control and report on incidents. Participate in security incident response activities and any technical investigations of security-related incidents. Review investigations after incidents, performing impact analysis and providing recommendations to executives around how to prevent similar incidents.
- Thoroughly conduct and complete annual reviews and audits engaging both internal business partners across the organization and external resources.
- Passionately manage and assist in performing ongoing security monitoring of information systems including assessing information security risk through qualitative risk analysis.
- Conducting functional and gap analyses to determine the extent to which key business areas and infrastructure comply with statutory and regulatory requirements,
- Evaluating and recommending new information security technologies and countermeasures against threats to information or privacy and developing security reports and dashboards.
- Brief applicable teams on risk status. Communicate with stakeholders throughout the business around security threats.
- Ensure compliance with the changing laws and applicable regulations, while also maintaining a current understanding of the larger security threat landscape of the industry.
- Assist with proposing, evaluating and deploying solutions to manage information security risk in line with MBG's larger risk reduction strategy.
- Complete audits, survey, questionnaires and other data request from partners, customers, vendors and auditors.
- Ensure that disaster recovery and business continuity plans are in place and tested regularly.
- Advise and approve on the design of security systems and controls while scheduling/managing periodic third-party security audits for independent review.
- Interface with customers, business partners and other third parties it relates to information security.
- Manage employees, contractors and vendors involved in enterprise security, which may include evaluating, hiring, terminating, performance tracking, awareness and training as needed.
- Provide training and mentoring to MBG's security team members.
What education and certification credentials are needed for this role?
- Strong knowledge and understanding of security policies, audits, governance and risk compliance frameworks including industry and security best practices e.g. ISO27001, CIS, etc.
- Able to apply leadership in Information Security with strong strategic and business acumen.
- Have a strong understanding of advanced threat detections, continuous vulnerability assessment, response and mitigation strategies used in Cyber Security operations
- Excellent knowledge of technical management, information analysis and of computer hardware/software systems.
- Expertise in data centre management and data governance including Firewall functionality, encryption, host and network intrusion detection systems.
- Proven experience of threat assessment and vulnerability management across complex business structures
- Hands-on experience with computer networks, network administration and network deployment.
- Strong analytical with exceptional verbal and written communications skills - must have the ability to articulate technical knowledge and understanding to non-technical audiences.
Does the role require travel?Security Responsibility:
- Around 5 years' experience in the IT Security field
- Around 5 years' experience in the IT Operations field
- Significant experience working in a fast-paced environment with constantly shifting priorities.
All employees must act in accordance with MBG's corporate security standards.
BOUT THE COGNIZANT MICROSOFT BUSINESS GROUP (MBG)
The Cognizant Microsoft Business Group (MBG) has a singular purpose-advancing your cloud modernization journey with focus, simplicity and scale. The Microsoft Business Group is an end-to-end Microsoft-centric cloud solutions and managed services provider that leverages extensive experience and IP to deliver constant innovation and business value, powered by the Microsoft Cloud platform. We are designed to reflect how you think about cloud transformation from a platform native perspective. Our dedicated experts and trusted blueprint deliver your digital difference through the Microsoft Cloud: Azure, Microsoft 365 and Dynamics 365. We turn digital potential into real business performance at speed.
Who We Are
We are the destination employer for Microsoft-committed professionals, providing depth of specialization and differentiated career paths. We have authentic conversations, build connections and grow careers while centering ourselves around our employees. We are a global team of certified consultants across all relevant technologies, coupled with cloud focused advisory consultants. With our supercharged talent, we are the world's best Microsoft partner. We prioritize investing and expanding.
EQUAL EMPLOYMENT OPPORTUNITY
As a Global Cloud Transformation Consultancy business, the Cognizant Microsoft Business Group (MBG) understands diversity and inclusion in the workplace brings benefits to our customers, our business and most importantly, our people. We are committed to being an inclusive employer and we provide equal employment opportunities to all employees and applicants for employment.
The Cognizant Microsoft Business Group (MBG) prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other factors protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including all aspects of the recruiting and employment life-cycle at Cognizant Microsoft Business Group (MBG).