Vice President of Security

Stockholm, Stockholm , Sweden
den 27 januari 2021
den 28 mars 2021
CGI is a global IT and business process services provider delivering high-quality business consulting, systems integration and outsourcing services. With over 77 000 professionals in 40 countries, CGI has an industry-leading track record of on-time, on-budget projects, aligning our teams with clients' business strategies to achieve top-to-bottom line results.

We are now looking for a Vice President of Security to support multiple business units across Sweden, Denmark, and Norway. This is a CGI Corporate Security leadership position that reports to the Global VP of Security within the office of the Chief Security Officer (CSO). In this role you will focus on all aspects of corporate security, from physical, cyber and information security disciplines. The VP of Security operates with the authority delegated from the Strategic Business Unit (SBU) President, to manage the Security Program for the SBU as the primary security point of contact (POC) to support the business in executing CGI security requirements within the region, responsible for the overall security posture of the SBU and supporting and responding to client security related matters.

In this dynamic role, you will lead the implementation and management of the CGI Global Security Program, which encompasses information security/ cyber security, business continuity/ crisis management, physical security, workforce protection and insider risk management.

You will be located in Stockholm, Sweden.

Dina framtida arbetsuppgifter

The VP of Security oversees and leads the implementation of internal corporate policies, procedures, and standards within the Strategic Business Unit (SBU).

The VP of Security manages the SBU security posture by:
• Assessing and mitigating SBU security risks;
• Ensuring that CGI security policies & standards are applied to internal and shared (multi-client) systems;
• Ensuring critical and high security vulnerabilities are analyzed and appropriate security patches are deployed;
• Approving & managing security exception requests;
• Where applicable, maintaining compliance to ISO 27001 certification and ensuring its alignment to the corporate Enterprise Security Management Framework (ESMF); and
• Implementing the ESMF consistently across delivery and support teams.

Central Point of Contact for Security within the SBU
• Implement security education, training and awareness programs and security communication.
• Lead global and local internal security projects as Regional Lead Security representative.
• Where applicable, support contract reviews and bids/ proposals as lead security Subject Matter Expert (SME).
• Support government security program (control goods and contract security program).
• Provide oversight for security audits within the SBU, ensuring the SBU security program is in alignment with CGI security corporate policies and directives.
• Represent the voice of the SBU to contribute to the evolution of the ESMF.
• Provide guidance and counsel to SBU management and members with regard to the CGI security program (i.e., Information Security/ Cybersecurity, Privacy, Physical Security, BCP, IP Protection, Insider Risk & Member Protection).

Managing Security Incidents and Crisis/Risk Management
• Oversee the management of security incidents (including client incidents as needed); escalation to executives, risk based incident management.
• Develop, implement and test Business Continuity plans, including Crisis and Problem Management plans.
• Report on security metrics and present SBU security status to executive leadership team.
• Conduct periodic risk management activities (ex: Gap Assessments - Physical and Information Security) and execute the agreed mitigation plans.
• Responsible for overall SBU security posture / dashboard: risk level, policy compliance report, incident reports.

Kvalifikationer för att bli framgångsrik denna roll

• A Bachelor's degree in Computer Science or a similar discipline preferred, Master's degree a plus

• Relevant certifications are highly desirable (e.g. CISSP, CISM, CISA, CPP, PSP, CRISC, CIPP, etc.)

• Minimum of ten (10) years of directly related IT experience with at least five (5) years experience in a leadership information security role managing large enterprise security operations ideally within the technology professional services industry.
• Ability to work in a high-stress, often fast paced environment. Within security, and especially during incident response, business hours often do not conform to standard and/or extend beyond the traditional eight-hour "work day".
• Experience in large scale, enterprise IT governance, operational and IT risk management.
• Experience leading security teams and engaging with clients at all levels to understand needs and present appropriate security solutions.
• Experience communicating information security-related matters in a business context to a broad range of technical and non-technical staff up to and including the C-Suite and Board Level.
• Experience in large scale, enterprise-wide security intrusion monitoring, detection, and incident handling/ remediation activities; knowledge of security incident response, crisis management, and business continuity.
• Regulatory compliance, data classification and management.
• Bilingual (spoken and written)

Liknande jobb

Liknande jobb