Senior Manager InfoSec Operations Program

Greater London
Full time
employer logo
Philip Morris International UK
FMCG & consumer goods
501-1,000 employees
Compare top employers
Apply on company site
Are you an experienced information security professional looking for a challenging leadership role? Join our team at Philip Morris International as a Sr. Manager InfoSec Operations Program! In this role, you will have the opportunity to make a significant impact in the field of information security while working for a world-class company.

As the Sr. Manager InfoSec Operations Program, you will be a valued member of our Information Security Operations (InfoSec OPS) team. You will have ownership and responsibility for the PMI Operations business function and selected areas of other PMI business functions, with a focus on Operational Technology (OT). Here's what you can expect in your day-to-day:

  • Maintain strong partner relationships and promote information security through dedicated awareness and training sessions.
  • Serve as a trusted advisor to senior leadership and key partners on cyber risks and risk-reduction initiatives.
  • Define and evolve the cybersecurity strategy and Cyber Risk Program for PMI Operations business function and industrial plants, by taking into account e.g. insights from project security assurance (e.g. in terms of recurrent security gaps and deficiencies), key business strategy elements, Cyber Threat Intelligence insights, etc., in order to increase cybersecurity maturity and business resilience.
  • Operationalize and improve executive reporting on cyber risk and cybersecurity strategy/program, partnering with First Line of Defense teams contributing to the federated cybersecurity organization at PMI.
  • Lead Cyber Risk Assessment cycles and guide business and IT team members to assess cyber-threat scenarios applicable to PMI, with equivalent experience in lieu of educational requirements like PMI also considered.
  • Lead Information Security Assessments (ISAs) of critical plants, applications, and security processes.
  • Support the execution of cyber-attack simulations and table-top exercises.
  • Assist in managing cybersecurity incidents and coordinate subsequent risk-reduction plans.

To excel in this role, we are looking for someone with the following qualifications:

  • University Master Degree or equivalent experience (Computer Sciences, Information Systems, Engineering, Business Administration or equivalent).
  • 15+ years at international companies, performing activities relevant to information security, such as e.g. risk management, cybersecurity strategy definition, executive reporting on cybersecurity, security assessment, security governance, application security, disaster recovery and business continuity.
  • 5+ years organizing and reporting on cybersecurity programs for, e.g., Manufacturing and Supply Chain, with initiatives such as, e.g., factory network segregation/segmentation, OT network monitoring and visibility solution, ICS patch management, disaster recovery.
  • Experience with securing ICS technologies, e.g., Programmable Logic Controllers (PLCs), Human-Machine Interface (HMI), Distributed Control Systems (DCS), Supervisory Control and Data Acquisition (SCADA), and Building Management Systems.
  • Experience in interacting with and presenting to senior management, in both domestic and international corporate environments, driving decisions and communicating effectively.
  • Experience in communicating strategic information around cybersecurity policies and standards as well as risk-related concepts to technical and nontechnical audiences at various hierarchical levels, up to senior leadership.
  • Excellent skills in partner management, written and oral presentation, abstract thinking, problem solving, and decision-making.
  • Strong negotiation and leadership skills, with ability to lead and motivate multi-functional, interdisciplinary, and multi-geographical teams to achieve tactical and strategic goals.
  • Certifications in IT and OT Security, e.g. (ISC)2 CISSP, (ISC)2 ISSMP, ISO 27001, ISACA CRISC, ISACA CISA, ISACA CISM, SANS GIAC GICSP, SANS GIAC GRID, ISA/IEC 62443 Cybersecurity Certificate Program.
  • Certifications in Project Management: PMP or PRINCE2

What we offer?

There are many IT Organizations out there, so why should you join ours?
  • We believe PMI IT’s true strength is fuelled by our people, and that our success depends on them coming to work every single day with a sense of purpose and an appetite for progress. We are a people first organisation committed to providing you with first-class employee journey. Here’s a glimpse of what’s in it for you upon joining us:
  • Work-life balance: Wellbeing comes first. We offer a fantastic office environment and hybrid working options to ensure you have the best work-life balance possible
  • Learning & Development: Your growth is a priority. Our robust and varied learning & development ecosystem will help you strengthen your technical skills and enhance your soft skills and intuition for business. The capabilities you will acquire with us will support your life-time employability within IT, PMI, and beyond
  • Inclusion & Diversity: Our differences - much more than our similarities - generate the innovation we are looking for. We aspire to build a diverse and inclusive organization to access the breadth and depth of thinking and sensitivity vital to thrive
  • We offer a competitive base salary, annual bonus (applicable based on level of position), great medical, dental and vision coverage, 401k with a generous company match, incredible wellness benefits, commuter benefits, pet insurance, generous PTO, and much more

Every single IT colleague is part of our Transformation journey. Join us and pursue your ambitions – our staggering size and scale provides endless opportunities to progress. If this offer resonates with you, we look forward to receiving your application and getting to know you.

Together, let’s deliver a smoke free future!

At Philip Morris International, we are committed to fostering an inclusive and diverse workforce. We are an equal opportunity employer and welcome applicants from all backgrounds. If you require any reasonable accommodations or adjustments throughout the application process, please let us know.

Don't miss out on this exceptional opportunity to join our team and be a part of our ambitious and proven InfoSec Operations Program. Apply now and take the next step in your career!