Information Security Manager

The Information Security Manager will be responsible for ensuring the implementation and maintenance of security and privacy controls in accordance to the Security Plan and corporate policies and programs.  And within the Execute process to provide the Delivery operations with guidance in how to drive compliance to agreed security and privacy requirements. Lead the maturity model benchmarking.

Must have a strong background in information technology with a clear understanding of the challenges of information security and data privacy. Excellent analytical and problem-solving abilities to identify and fix security risks.

To build understanding and awareness of security and privacy issues throughout the organization, they must have excellent communication and presentation skills. They also need good team working skills to develop security solutions in collaboration with other information technology professionals
Key Accountabilities

  • Implement overall operational service delivery strategy in area of Information Security and Data Privacy
  • Primary responsibility of the security implementation in the organization (s)he is assigned to
  • Complete understanding of customer and Nokia’s security policies
  • Delivery of security solutions to enable Nokia operations to access customer systems and manage customer data in accordance with security policies
  • Manage cooperation with Global Information Security and Cyber Security organization

Main areas of responsibility

  • Identifying information security objectives and strategizing them consistently with GS strategic plans
  • Ensuring the establishment of the ISMS objectives and plans
  • Managing and approving the development and implementation of the information security policy and its procedures to ensure on-going maintenance of information security
  • Overseeing security operations by coordinating with global shared services teams and resources needed for information security including business continuity management and information security incident management.
  • Overseeing investigations / forensics of security breaches, including suspected insider threat. In this area, ISPM may seek assistance from experienced teams internally or externally
  • Assisting in consequence management and legal matters associated with security breaches, as necessary.
  • Managing development and implementation of information training and awareness programs
  • Keeping the management updated with effective, efficient and reliable approaches to information security.
  • Conducting management reviews of the ISMS. Support Information Security Group during external & internal IT Security & IS audits
  • Deciding the acceptable level of risk and maturity, providing feedback for improvement of ISMS
  • Co-ordinating with global shared services teams to carry out internal audits and technical compliance checks

Qualifications:

    Key Performance Indicators

    • Accuracy of security policy integration into solutions designs and operations
    • Accuracy and timeliness of status reporting, risk/issue identification and adherence to project processes

     Credentials

    • Certified in ISO 27001 / 22301 LA /CISA/ CISM/ CISSP (Any one preferred)
    • 6+ experience as ISO27001 coordination team member,
    • information security solution engineering, security technology implementation, and security service delivery role

     Key Skills and experience

    • Good understanding ISO27001 implementation and maintenance mechanism,
    • Ability to perform security requirements capture and analysis with a working ability to identify architecturally significant requirements and their ramifications.
    • Security (and privacy) threat analysis and their risk mitigations  
    • 3+ years experience in hands-on technical security control architecture & design, InfoSec Operations reporting
    • Working knowledge of Business Continuity Management
    • Technology Risk Management
    • Gap assessment for new technology assessments
    • Good understanding of computer information operate environment,
    • Knowledge related with Information Security on CISSP level,
    • Understanding on working with quality management standards,
    • ITIL Information Security area good knowing,
    • Excellent communications and documentation skills in English,
    • Practical project management skills confirmed by working experience,
    • Ability of easy communication in English in international environment,

    Key Attributes

    • Process orientated with attention to detail
    • Team player, and able to work on own initiative.
    • Dynamic and Creative
    • Culturally adaptable and flexible
    • Ability to assimilate quickly and act decisively 
    • Challenges the norm to seek ways to add value
 
 

Workplace: Bydgoszcz

If you are interested in this job offer, send your CV in English to: recruitment.bydgoszcz@nokia.com

Looking for other opportunities?
Visit our career portal:
Careers in Poland

Please add to attached documents the following clause:

"Oświadczam, że wyrażam zgodę na przetwarzanie danych osobowych zawartych w mojej ofercie pracy dla potrzeb przyszłych procesów rekrutacji Nokia Solutions and Networks Sp. z o.o. z siedzibą w Warszawie przy ul. Domaniewskiej 39A (zgodnie z ustawą z dnia 29.08.1997 r. o Ochronie Danych Osobowych, Dz. Ustaw nr 133 poz. 883 z późn. zm.)."

"I hereby authorize Nokia Solutions and Networks, located in Warsaw 02-672, ul. Domaniewska 39a, to process the attached personal information strictly for the purposes of job recruitment pursuant to the Personal Data Protection Act of 29 August 1997 (Journal of Laws (Dz.U.) No. 133, item 883)."

Please be informed that we reserve ourselves the right to contact only with selected candidates.
Apply Now

Our promises:

  • Working in a high tech environment and with technologies of the future
  • Being part of a sustainable organization and a strategic site for the company
  • Getting a competitive compensation and benefit package with private medical care, additional life insurance, social fund benefits
  • Getting trained and having learning and development opportunities
  • Joining the company for a career not just for a job!

Benefits:

    • competitive salary + bonuses depending on achievements
    • medical care for you and your family
    • flexible working time
    • teleworking
    • additional life insurance
    • social fund
    • sports card
    • and more