Information Security Leader

Location: Corporate Office

REPORTING STRUCTURE

Direct report of: Group Manager IT Infrastructure
Supervises: Information Security Regional Leaders
Department: Business Systems

THE ROLE:

The Information Security Leader is responsible for the identification and management of regional and global IT security-related issues, improvement initiatives and incidents, and provide IT
personnel and other Nyrstar stakeholders globally with operational security guidance and support.
She/He is providing vision and leadership and is accountable for information security, access and compliance of applications and data. The Information Security Leader needs to have a proactive and practical approach to IT and OT (Industrial IT) security with an overall understanding of the business context of Cyber Security.

To fulfil this role, the Information Security Lead will:

  • Take ownership of and run the IT Enterprise Security Management (ESM) platform and its operational component and partners (Security Incident & Event Monitoring / Intrusion
    Detection & Prevention System / Vulnerability Monitoring System / Security Operation Center / Threat Hunting);
  • Act as Global Coordinator for all Technology Security incidents and investigations (interfacing where necessary with regional and Business Systems Coordinators and
    regional Information Security leaders, with other group-level stakeholders and business representatives);
  • Develop and coordinate a global and regional IT Security Management Review & Controls Compliance programme to manage 'business-as-usual' and programme/project Technology
    security risk;
  • Define and develop an information security strategy, with the implementation and maintenance of the Information Security Management framework;
  • Define and implement IT and OT Security Policies;
  • Maintain an Technology Services Security Risk Register; assist risk owners to identify appropriate mitigations; manage escalations where necessary; produce regular IT Security Risk status reports and supervise the Information Security Steering Committee meetings and decisions;
  • Manage individual projects within the IT/OT Security Improvement Programme (as detailed in the Technology Services Security Strategy & Roadmap)
  • Lead the Information Security Awareness program with the support of region, create and manage learning content with suppliers and define certification requirement for Nyrstar
    audience;
  • Manage third-party suppliers providing and supporting Technology Security solutions or software licenses, as well as any related commercial aspect, including proposals, TCO and
    contract review.
  • Work alongside regional and business teams to collate and prepare an Inventory of IT & Data Assets (also using automated discovery tools and software where possible).

KEY CUSTOMERS:

  • Information Security Steering Comitee
  • Business Leaders, Business Systems Coordinators
  • Group Manager IT Infrastructure and Operations
  • Group Manager Business Solutions
  • Infrastructure Architect, Application Achitect
  • IT& OT Operation Managers

QUALIFICATIONS/EXPERIENCE:

  • Master`s degree required (computer science, business or related degree)
  • Minimum 7 years’ experience in a similar role or related role
  • Extensive working experience in in the area of Information Security/Cyber Security Engineering, Consulting
  • Experience with balancing security and business needs as well as developing lean and effective frameworks
  • Experience with OT ( Operations Technology) and IoT environments
  • Required Certifications in IT-Security (CISSP and CISM/CISA); other Certifications in other areas (ITIL, PMP) are an advantage
  • Knowledge in compliance topics (e.g. GDPR, PCI)
  • Strong ITIL and NIST background is a must
  • Advanced Microsoft Excel, WinWord, SharePoint and SAP user
  • Excellent requirements, business case and support documentation skills
  • ServiceNow and Sentinel / LogRythm user as a plus
  • Exposure to Security Operations Centre outsourcing and global/regional network service provider management

COMPETENCIES:

  • Very strong end-user and customer oriented mindset as well as team work oriented
  • Professional and positive attitude, including excellent listening and communication skills
  • Dynamic, self-motivated, able to develop quick wins, short term solutions as well as medium to long-term plans
  • Work autonomously and manage projects from design to move to operating while giving High visibility on progress, issues and risks
  • Skills and ability to manage vendors, service providers and contractors

APPLICATION:

If you are interested in applying for this position, please email your resume to funda.ekinci@nyrstar.com. We look forward to hearing from you.

Please note that only applicants who progress to the next stage will be contacted. Thank you for your interest in applying for this position.

For more information on Nyrstar, please visit www.nyrstar.com.

We are an Equal Opportunity Employer and take pride in a diverse workforce. We do not discriminate in recruitment, hiring, training, promotion or other employment practices for reasons of race, colour, religion, gender, sexual orientation, national origin, age, marital or veteran status, medical condition or handicap, disability, or any other legally protected status.