Apply now »

IT&D Information Security Manager

Role overview

The ISM will act as the primary point of contact for the entire Reckitt cyber function within these Product or Platform teams. Dependent on their evaluation of demand requirements they can scale a Cyber squad of SME’s from across the principle cyber domains of Risk, Architecture, Threat, Identity, Operations (RATIO) to advise, guide, and evaluate compliance with Reckitt’s information security framework. The ISM is responsible for recording, managing, and reporting variances within the Reckitt risk framework.

 

You will...

 

  • Develop a deep understanding of your product group / platform area. Their customers’ needs and challenges, roadmap to success and supporting activities 
  • Mobilise a highly trained and motivated cyber squad, delivering consistent and valued cyber services, in the context of our broader mission and business objectives of your assigned product / platform
  • Build a cyber risk culture that orbits around these business objectives with a supporting narrative of Cyber Risk & Compliance
  • Drive consistency within the cyber squad in the capture and communication of quantifiable risk-related information that targets risk, root cause and internal improvement
  • Empower business decision making by developing and reporting business outcome driven cyber risk metrics that helps determine actual value
  • Champion the need for products / platforms to be designed, developed, and maintained in accordance with Reckitt information security policies, standards, principles, and best practices.
  • Develop guardrails to inform how best to adhere to security architecture and compliance requirements throughout the product lifecycle
  • Seek opportunities to drive automation, simplification, and standardisation by applying consistent, repeatable, scalable, and standard actions.
  • In line with enterprise direction, adapt to fast to changing environments and engender a culture of ownership that improves quality levels, drives business growth and productivity
  • Embrace a value-based mindset and way of working that emphasises a focus on customers and the delivery of value.

Core responsibilities:

  • Mentoring of peers and contractors as required
  • Matrix managing a cross functional cyber squad as required
  • Representing the Cyber function at governance and management forums
  • Engaging senior stakeholders across the organisation 
  • Maintaining a sound understanding of cyber security and risk principles, reinforced by present and emerging technologies in the field of Cyber defence.
  • Regularly report to senior management on appropriate issues and metrics, as well as the overall status of the security program within the business function.
  • Be the interface between and provide active support to both business and cyber teams.
  • Drive broader use of cyber risk management processes, risk mitigation, and tracking of risk as Reckitt risk management matures across the organization.
  • Support the secure use of third-party providers within the function
  • Work with the Security Operations to identify emerging threats, advise relevant stakeholders and support appropriate courses of action.
  • Support the respond and recover processes associated with Security Incident Management including planning for and implementing disaster recovery and business continuity plans.
  • Ensure that all business risks related to Cyber are properly recorded 
  • Help provide business guidance in relation to risk treatment activities
  • Ensure that Cyber policies and standards are available and understood. Promote awareness of revisions and developments. Provide interpretation of policies to facilitate consistent implementation.
  • Supervise the delivery of cyber security awareness and training to employees, contractors and approved third parties within the global business units.
  • Help mature cyber training through the development and provision of role-based content 
  • Contribute to budgetary planning exercises to ensure actual value is delivered

You'll succeed because you have...

  • Minimum 4 years role relevant experience 
  • Security related certifications (e.g. MSc in Information Security, CISM, CISSP, GSNA, GCFA, GPEN, CRISC, MoR, GSSP, CEH etc)
  • Strong experience and ability to build relationships with business stakeholders, and ensure cyber concepts are well translated while accommodating for business requirements.
  • Highly skilled in the field of risk management and concepts surrounding risk assurance
  • Wide field of exposure to information security frameworks, and in-depth knowledge and experience of at least one framework e.g. ISO 27001/2, NiST, COBIT, ISF SoGP etc. 
  • Experience of influencing and developing teams of Information Security professionals
  • Strong record of managing third parties in the delivery of high-quality service and holding them to account where service quality falls short.
  • Good track record in building and developing strong relationships with suppliers - this will include engendering a common culture
  • Delivery of service quality within an ITIL framework
  • Excellent communications skills – both oral and written.
  • Good problem-solving and analytical skills 
  • Ability to work on and progress on several different tasks and operate in an independent fashion as well as part of a functional team.
     

Apply now »