Application Information Security Manager
The Information Security Manager for applications and tools will be responsible of developing and implementing the privacy/security by design on tools and applications within the GS organization. Monitoring correct use of security and privacy tool capabilities. Act as Security Project Manager for implementation.
The implementation and maintenance of security and privacy controls in accordance to the Security and Privacy Plan and corporate policies and programs. And within the Execute process to provide the Delivery operations with guidance in how to drive compliance to agreed security and privacy requirements.
Must have a strong background in information technology with a clear understanding of the challenges of information security and data privacy. Excellent analytical and problem-solving abilities to identify and fix security risks.
To build understanding and awareness of security and privacy issues throughout the organization, they must have excellent communication and presentation skills. They also need good team working skills to develop security solutions in collaboration with other information technology professionals
- Translation of requirement / attribute in a tool or system specification; a statement that identifies the capability, characteristic, or quality factor. Security requirements are handled inside the “system design process”. They define the essential controls that must be implemented
- Compose security requirements using baseline requirements and threat/risk analysis as a basis
- Definition and identification Sensitive Data, as described in the Technical Compliance Management process.
- Define a high level description of how tool or system meets the security requirements
- Implementation the privacy/sec by design on applications and tools in coordination with IT
- Identify, analyze and classification of threat and risks
- Delivery of security solutions to enable Nokia operations to access customer systems and manage customer data in accordance with security policies
- Manage cooperation with Global Information Security and Cyber Security organization
- Enforce “CREATE-process for Services”.
- Ensure that Privacy Threshold Assessments (PTA) and Privacy Impact Assessments (PIA) are conducted according to “Privacy by Design for Services”.
- Responsibility to drive “Security by Design” principles
Main areas of responsibility
- Design for Security all security related activities from Security Threat & Risk Analysis to Security Auditing
- Managing and approving the development and implementation of the information security policy and controls in applications impacting Global Services organization.
- Assisting in consequence management and legal matters associated with security breaches, as necessary.
Keeping the management updated with effective, efficient and reliable approaches to information security.
- information security and Data Privacy solution engineering, security technology implementation, and security service delivery role
- Certified in ISO 27001 / 22301 LA /CISA/ CISM/ CISSP (Any one preferred)
- Good understanding ISO27001 implementation and maintenance mechanism,
- Ability to perform security requirements capture and analysis with a working ability to identify architecturally significant requirements and their ramifications.
- Security (and privacy) threat analysis and their risk mitigations
- 3+ years experience in hands-on technical security control architecture & design, InfoSec Operations reporting
- Technology Risk Management
- Gap assessment for new technology assessments
- Good understanding of computer information operate environment,
- Knowledge related with Information Security on CISSP level,
- Understanding on working with quality management standards,
- Excellent communications and documentation skills in English,
- Practical project management skills confirmed by working experience,
- Ability of easy communication in English in international environment,
- Process orientated with attention to detail
- Team player, and able to work on own initiative.
- Dynamic and Creative
- Culturally adaptable and flexible
- Ability to assimilate quickly and act decisively
- Challenges the norm to seek ways to add value
Key Skills and experience
If you are interested in this job offer, send your CV in English to: email@example.com
Looking for other opportunities?
Visit our career portal:
Careers in Poland
"Oświadczam, że wyrażam zgodę na przetwarzanie danych osobowych zawartych w mojej ofercie pracy dla potrzeb przyszłych procesów rekrutacji Nokia Solutions and Networks Sp. z o.o. z siedzibą w Warszawie przy ul. Domaniewskiej 39A (zgodnie z ustawą z dnia 29.08.1997 r. o Ochronie Danych Osobowych, Dz. Ustaw nr 133 poz. 883 z późn. zm.)."
"I hereby authorize Nokia Solutions and Networks, located in Warsaw 02-672, ul. Domaniewska 39a, to process the attached personal information strictly for the purposes of job recruitment pursuant to the Personal Data Protection Act of 29 August 1997 (Journal of Laws (Dz.U.) No. 133, item 883)."Please be informed that we reserve ourselves the right to contact only with selected candidates. Apply Now
- Working in a high tech environment and with technologies of the future
- Being part of a sustainable organization and a strategic site for the company
- Getting a competitive compensation and benefit package with private medical care, additional life insurance, social fund benefits
- Getting trained and having learning and development opportunities
- Joining the company for a career not just for a job!
- competitive salary + bonuses depending on achievements
- medical care for you and your family
- flexible working time
- additional life insurance
- social fund
- sports card
- and more