Senior Security Manager Office Of The Ciso Job in Unisys

We Believe in Better!

We are a global information technology company that builds high-performance, security-centric solutions that can help change the world. Enhancing peoples lives through secure, reliable advanced technology is our vision.

At Unisys, we believe in better! Here, you have the opportunity to learn new skills, apply your expertise, and solve complex problems with cutting edge technologies and solutions. You are part of a global diverse team that supports you, drives change, and delivers successful results consistently.

Our associates are at the forefront of everything we do, driving our clients successes while giving back to communities and making this world a safer and more secure place to live and work. Our success is a direct result of the work of our people who live and breathe our .Simply put, we believe in better lives. Join us!

Learn more about Unisys and our key solution offerings: , , ,

What success looks like in this role:

Position Summary:

This role will be responsible for leading the Governance, Risk, compliance and Audit programs from the Cybersecurity side working within the Office of the CISO organization in Unisys. The position will cover all aspects of the GRC program including supporting GRC tool implementation for new use cases, supporting the improvement of the TPRM program and conducting security audits in key risk areas and establishing the cloud security program. This role involves high level of communication with business stakeholders, internal teams within Office of the CISO and other service lines within the business units.

Reporting Relationship:

Senior Security Manager will report to the Senior Director Security Audits and Compliance

Working relationship with Internal and External Teams

• Work closely with Global Procurement teams central and regional
• Work alongside Legal and privacy teams(Global and Region)
• Work with Office of the CISO team risk analyst, Regional Security and Privacy officer, CISO leadership teams
• Work with Business units, Regional team(APAC, Americas, EMEA) and service line leadership teams(Cloud, Global Workplace, Application services and Security Services)
• Work with Global Internal Audit team and Unisys Information Technology teams
• External Certifying agency, Vendors, client auditors, clients

Key Responsibilities:

• Working with Unisys IT teams, develop the Cloud Security program including policy and implementation to determine current cloud compliance against industry frameworks, best practices.
• Work with the teams to work on remediation actions and escalate risks to UIT and CISO leadership teams.
• Improve the overall risk management framework/ practices/policy to mature from existing to quantitative risk management using FAIR method or other Industry best practices.
• Support in implementing new use cases in the Service Now GRC module and help drive adoption across all the modules.
• Work with RSPOs and support implementing controls across all regions in a consistent manner.
• Be the point of escalation and provide direction during conflicting situations of vendor responses relating to data privacy, information security, business continuity, fourth party and subcontracting, cloud security.
• Continuously monitor the external environment for new technology/tools/platform and come up with solutions to be able to integrate current platform with market leading solutions.
• Lead and assist team members and the function with research and designated TPRM related continuous improvement projects, automation opportunities and platform enhancements through added features.
• Support Security internal audit team towards validation checks, perform key strategic internal audits on key risk areas and publish reports to the leadership teams.
• Work with CISO leadership teams on key initiatives related to GRC /Cloud /TPRM/BCM

Knowledge and Qualifications:

• Bachelors/ Masters Degree in Engineering in Computer Science. Additional weightage for candidates with Masters degree in Cybersecurity.

• CISSP certification is a pre-requisite. Additionally CISM or CISA, CCSP certification will be preferred.
• Knowledge of privacy principles and concepts, CIPT or CIPP certification preferable
• Basic knowledge of Application Security and cloud security controls like CCM etc.

• Must have a minimum 10 years of relevant working-experience in Cybersecurity preferably in the risk management/governance/third party risk and overall experience of 12-15 years.
• Must be articulate and persuasive leader who can serve as an effective advisor to the regional senior management team and who is able to communicate governance and security-related concepts to a broad range of technical and non-technical staff.
• Excellent oral, written and presentation skills.
• Excellent interpersonal and teamwork capabilities in order to build relationships and confidence among business users.
• Ability to indirectly manage by influencing larger groups.
• Ability to work individually but also to collaborate in a virtual team, with vendors and clients.
• Good change management and project planning skills.

You will be successful in this role if you have:

Key Qualifications

A Bachelors degree and minimum of 8 years experience in business operations, program management and/or related areas of expertise is required.
A Masters degree in business administration or operational excellence is preferred
Must have the ability to collect, analyze, and interpret qualitative and quantitative data.
Proficiency in working with a team to identify business process improvements delivering significant value to an organization is required.
Must have the ability to build strong working relationships with leaders.
Outstanding interpersonal skills, including the ability to work effectively in a consensus-driven organization and to create consensus-based support for strategies and processes is required
Excellent writing and verbal communication skills, the ability to interact credibly with all levels in an organization, tailoring communications effectively for different groups and stakeholders is required.