Develops and leads a team of information security assurance specialists. Performs and assists in development of enterprise information security assurance functions through the use of global assurance services, strategies and solutions. Provides technical guidance on information security policies, procedures, technologies and compliance-related activities as a technical advisor and business partner. Works with key stakeholders at multiple levels in order to identify and align business and Information Security objectives, discover pain points, provide recommendations, and recognize current and future security needs. Determines risk and exposure from security breaches and resolves incidents while providing guidance to business decision-makers.
What Part Will You Play?
1. D irectly leads five or more supervisors, managers, higher level professional/technical team members, or lower to mid-level senior professionals. Exercises full supervision in terms of staffing, work and
performance management, salary decisions, training and development, and disciplinary issues.
2. Collaborates with senior executive leadership to build mutually beneficial relationships, understand company \ business segment \ department strategy. Aligns segment business unit and Information Security (IS) goals and objectives, facilitating understanding, planning, and communication between IS functions and the business unit. Demonstrates broad knowledge and understanding of information security and business needs by identifying and engaging appropriate IS support teams to mitigate risk.
3. Mitigates risk associated with third party vendors and internal application / processes. Leads internal security and high level (internal category one / two) vendor security reviews; initial and periodic information security reviews, technical assessments, contract reviews with IS clauses, and participates in associated quarterly business reviews. Provides oversight and reports on risk management program to leadership for remediation of findings and evaluates solutions to reduce residual risk.
4. Gains credibility by providing expert solutions to trends and topics that influence information security in the payments industry. Identifies new and emerging threats that affect information assets, collaborates with Architecture & Engineering teams on third party software/solutions, IT configuration changes (including access control requests), and network/system architecture from a risk perspective, and provides appropriate direction. Develops education & awareness programs tailored for business segments. Promotes the corporate security policy and procedures in alignment with senior leadership.
5.Leads information security incident response, investigation, resolution and closure of incident response processes. Consults on incident handling process which includes implementation of containment, protection and remediation activities. Collaborates with Threat Management Center on responses to known and emerging threats against the network. Partners in the after action reviews of security incidents for process improvement. Provides support for forensic and incident security investigations in accordance with the incident response plan. Facilitates client communications relating to incidents and updates senior management on incident status.
6.Reviews business requests to determine level of risk acceptance to mitigate impact. Informs management of security policy variances.
7.Not an exhaustive list; other duties as assigned
Minimum 10+ years relevant experience. Minimum of 3-4 years of experience in a supervisory position. Knowledge of industry standard security compliance programs PCI (Payment Card Industry), FFIEC (Federal Financial Institutions Examination Council), SOX(Sarbanes-Oxley), GLBA(Gramm Leach Bliley Act), and HIPAA (Health Insurance Portability and Accountability Act).
The people of TSYS® and Netspend® are part of something bigger. We have the opportunity to touch millions of people and businesses each and every day - both a tremendous honor and a huge responsibility. We are known around the world for the passion and enthusiasm we bring to the business of payments.
TSYS team members are the best and brightest in the industry, with both the drive and ambition required in today's market. We have yet to find limits to what our people can accomplish together.
Our family of companies offers a wide array of careers in which team members can leverage their skills and advance their future, while helping TSYS succeed in delighting customers around the world. We want to help candidates find the right fit within the TSYS family and in the right location.