Cybersecurity - CoE Manager
The Cybersecurity - CoE Manager is responsible for managing the Cybersecurity Center of Excellence (CoE) within the company. This role ensures the organization's information assets, systems, and networks are protected from potential cyber threats and vulnerabilities.
The Cybersecurity - CoE Manager develops and implements comprehensive security strategies, and establishes policies and procedures to safeguard the company's digital assets.
He/she will continuously assess and enhance the company's cybersecurity posture, mitigate risks, and ensure compliance with relevant regulations and standards.
The Cybersecurity - CoE Manager will collaborate closely with cross-functional teams, executive leadership, and external partners to establish a strong cybersecurity environment, enhance a culture of security awareness, and enable secure digital transformation initiatives across the organization.
Main Activities and Responsibilities
- Incorporate security controls ensuring data integrity across interconnected systems and emerging technologies (including Artificial Intelligence) in a fast and agile environment and an evolving threat landscape
- Ensure compliance with the rapidly evolving regulatory landscape for data protection, safeguarding sensitive information from unauthorized access, breaches and Intellectual Property infringement
- Ensure security and integrity of the supply chain involving multiple vendors, distributors, and partners
Experience in the Cyber Security field.
- Transformation experience
- Launch an innovative Corporate Program
- Launch of a new product on the market
- Specialist career track record
- Common information security management frameworks and best practices (e.g., ISO2700x, ITIL, COBIT, NIST, OWASP, MITRE ATT&CK), in particular with Threat Modeling & Secure Software Development Lifecycle (SSDLC) methodologies and frameworks
- Projects and operations on full-stack of IT infrastructure (Cloud, Network, Applications, Databases, etc.) and on key cybersecurity technologies (e.g., SOC, SIEM, EDR, DLP, WAF, IAM, etc.)
- Cybersecurity related laws and regulations
- Service & Vendors management
- Third Party Risk Management
- Cybersecurity Metrics & Reporting
- Applications and systems security testing (white box, black box, code review, vulnerability assessment)
- Integration of Security in DevOps
- OT/IoT Security
- Architecture Framework (e.g., TOGAF/SABSA)