Head of Cybersecurity Operations

Details

Contract

Full-Time

Location

Lausanne, Switzerland

Department

Information Technology

Openings

1

Job ID

57727622

At PMI, we’ve chosen to do something incredible. We’re totally redefining our business and building our future on smoke-free products with the power to deliver a smoke-free future. With huge change, comes huge opportunity. So, wherever you join us, you’ll enjoy the freedom to dream up and deliver better, brighter solutions and you will have the space to move your career forward in many different areas/directions. IT at PMI PMI’s journey to a smoke-free future implies a shift from a tobacco manufacturer to a science and technology-based consumer facing organisation. Such a shift creates an abundance of unique and progressive IT projects to match all levels of skills and ambitions. You’ll feel like you’re working in a start-up – with the freedom to shape and define the future of digital, but with the support and scope of a vast global business. You’ll get a chance to work with innovative technologies (e.g., Cloud, APIs, AI) as well as management practices (e.g., Agile, Design Thinking, Product Management). Our environment is fast-paced and highly collaborative. If you want the freedom to find new ways to connect with consumers, there’s no better place to progress your career. Digital at PMI is dynamic, diverse, and exciting. Join us and become a part of a top talent team where you can bring new ideas to life in a global function that is a key driver of the success of our business! Joining Product & Operations IT Within IT, the IT Product and Operations team is an experienced, forward-thinking & expert team composed of multiple sub streams. The main purpose of the team is to lead the digital strategy and transformation of Operations and Products functions through effective business partnering and conceptualizing, delivering and supporting innovative and secure IT technologies across the end-to-end value chain. When you join this team, you will work closely with the IT Product and Operations leadership team and critical business collaborators as a trusted technology partner to embed continuous innovation, work at speed and scale, develop your career in numerous directions in line with your aspirations and in a truly international and diverse context. What’s the purpose of this role? The Business Information Security Officer (BISO) for IT Operations and Product is looking for an experienced Head of cybersecurity operations who can design, build, and operate a new “next generation” Control Operation Centre within the 1st Line of Defense of IT Product & Operations platforms. In addition to the IT environment, this role will also actively support the implementation and expansion of cybersecurity operations across the OT environment. This position reports directly to the BISO for IT Operations and Product platforms and will be part of the cybersecurity leadership team. The responsibilities of this position span a wide range of areas, including: • Prioritizing, defining, and orchestrating the execution risk treatment strategy. • Developing and embedding capabilities and controls across the cybersecurity value chain (Identify, Protect, Detect, Respond, and Recover) to effectively sustain cybersecurity initiatives. • Operate and monitor security controls in a continuous manner, on behalf of control owners in Product and Operations functions. Your day-to-day • Support the BISO with the development and implementation of a Cybersecurity Operations strategy and programs, in alignment with the business goals of Product and Operations functions. • Together with the BISO, Lead and be responsible for the orchestration and execution of complex and strategic cybersecurity initiatives across Product and Operations functions. • Supervise the day-to-day activities of the cybersecurity operations team ensuring efficient control operations and testing. • Drive the implementation of operating model, processes, and procedures to transform the whole IT Product & Operations function in an effective 1st Line of Defense. • Support Operations and Product functions in the organisational change to become an effective business 1st Line of Defense, with focus on product owners, project managers and technology SMEs (e.g., at Engineering Solutions, Product Engineering, Product Development IoT, in PMI plant shop floor). • Work with strategic service providers to establish a cost-effective 1st Line of Defense structure capable of delivering continuous control monitoring. • Drive convergence between IT and OT with the objective of mitigating cyber risk and improving operational efficiency. • Keep alignment with IT Platforms partners to proactively implement "security-by-design" and "privacy-by-design" measures (people, processes, and tools). • Perform active measurement and governance on the CISO metrics. • Connect information security initiatives to compliance and regulatory requirements, and be responsible for internal and external audits (e.g., FDA, CAD, FM Global) and Qualification and Validation activities in scope of GxP. Who we are looking for: • Bachelor’s or master’s degree in computer science, information security, or a related field, or equivalent work experience. • 10+ years of Cybersecurity experience in multiple IT and/or OT roles, with progressive leadership responsibilities. • At least 3+ years of experience directly managing security and controls operations in a 1st Line of Defense structure. • Consistent record in coordinating information security initiatives, with exposure to business processes and related technology systems in some or all the following functional areas: Manufacturing, Engineering, Supply Chain, Product, Quality, Electronics Manufacturing. • Experience with enterprise level programs that use both traditional and agile frameworks, and the ability to adapt to changing requirements and priorities. • Proven track record in project management, with focus on partner, budget, communication, and virtual/indirect team management. • Strong leadership, communication, and collaboration skills, with the ability to influence and motivate teams and collaborators across the organization. • Broad security knowledge to speak credibly to IT/OT/IIoT technology and information security SMEs. • Strong teammate with ability to build pro-active, co-operative working relationships with peers and key partner, across cultures and geographies. • Knowledge of basic identity and access management concepts (e.g., single sign on, identity federation) and standards (e.g., SAML, OAuth 2.0, OpenID). • Experience in developing and managing budgets, schedules, resources, and risks for cybersecurity programs. • Experience in interacting with cybersecurity policies, standards, and best practices, and ensuring compliance with applicable laws and regulations. • Good understanding of security frameworks and standards (e.g., SOC2, ISO27001/27002, CSA, CIS, NIST, OWASP, etc.). • Experience in working with external partners, vendors, and auditors on cybersecurity related matters. • High energy level or equivalent experience and flexibility to meet a variety of demands while producing superior work products under short deadlines. • Ability to put “end user hat on;” empathize, anticipate, and solve problems. • Ability to build and maintain relationships with senior management, partners, and team members. Preferred Requirements: • Advanced knowledge of ICS/IoT/IIoT platforms, cloud computing architectures (e.g., SaaS, IaaS, PaaS), and related information security risks and frameworks. • Knowledge of protocols and architectures related to industrial environments (e.g., OPC UA, Purdue model). • Industrial information security training/certification (e.g., GICSP, ISO/IEC 62443). What’s in it for you? There are many IT Organizations out there, so why should you join ours? We believe PMI IT’s true strength is fuelled by our people, and that our success depends on them coming to work every single day with a sense of purpose and an appetite for progress. We are a people first organisation committed to providing you with first-class employee journey. Here’s a glimpse of what’s in it for you upon joining us: • Work-life balance: Wellbeing comes first. We offer a fantastic office environment and hybrid working options to ensure you have the best work-life balance possible • Learning & Development: Your growth is a priority. Our robust and varied learning & development ecosystem will help you strengthen your technical skills and enhance your soft skills and eye for business. The capabilities you will acquire with us will support your life-time employability within IT, PMI, and beyond • Inclusion & Diversity: Our differences - much more than our similarities - generate the innovation we are looking for. We aspire to build a diverse and inclusive organization to access the breadth and depth of thinking and sensitivity vital to thrive Every single IT colleague is part of our Transformation journey. Join us and pursue your ambitions – our staggering size and scale provides endless opportunities to progress. If this offer resonates with you, we look forward to receiving your application and getting to know you. Together, let’s deliver a smoke free future. #LI-HybridApply

Related jobs

Other jobs available

Manager InfoSec Operations Plants

• Information Technology
• FULL-TIME
• Albarraque,Portugal

InfoSec Operational Excellence Specialist

• Information Technology
• FULL-TIME
• London,United Kingdom

(Senior) Information Security Engineer Assessments

• Information Technology
• FULL-TIME
• Albarraque,Portugal

Security Manager, Supply Chain and Track & Trace

• Information Technology
• FULL-TIME
• London,United Kingdom

Manager InfoSec & Compliance

• Information Technology
• FULL-TIME
• Kraków,Poland

(Senior) Information Security Engineer Assessments

• Information Technology
• FULL-TIME
• Kraków,Poland

Senior Information Security Analyst Risk Management

• Information Technology
• FULL-TIME
• London,United Kingdom