Assistant Manager - Business Unit Cybersecurity

Assistant Manager - BU Cyber

Responsibilities

BU Cyber Executive

Cybersecurity Strategy and Leadership:

Lead and implement the cybersecurity strategy for the business unit, ensuring alignment with the organization's broader security objectives.

Provide strategic cybersecurity guidance to business unit leaders, aligning business goals with effective security measures.

Act as the primary cybersecurity advisor for the business unit, driving initiatives that enhance security posture while supporting business objectives.

Risk Assessment and Management:

Identify and assess cybersecurity risks specific to the business unit's operations, including systems, processes, and applications.

Develop and implement strategies to mitigate risks and enhance security resilience across the business unit.

Regularly evaluate business unit operations for emerging threats and vulnerabilities, proposing risk management solutions and security improvements.

Collaboration and Stakeholder Engagement:

Work closely with the enterprise cybersecurity team, IT, legal, compliance, and other relevant departments to ensure alignment between business unit and organizational cybersecurity strategies.

Collaborate with business unit leaders to integrate cybersecurity into business operations, ensuring security requirements are considered in project planning and execution.

Act as the main point of contact for all cybersecurity-related queries within the business unit, fostering strong relationships with stakeholders.

Incident Management and Response:

Oversee the business unit’s response to cybersecurity incidents, ensuring that appropriate action is taken to mitigate and resolve security issues.

Lead the investigation, analysis, and resolution of cybersecurity incidents affecting the business unit.

Collaborate with incident response teams to improve detection, prevention, and response processes.

Security Compliance and Regulatory Requirements:

Ensure the business unit’s cybersecurity practices comply with relevant regulatory and industry standards (e.g., GDPR, ISO 27001, NIST).

Manage and support internal and external cybersecurity audits, assessments, and inspections for the business unit.

Work with legal and compliance teams to ensure that the business unit adheres to all relevant data protection, privacy, and cybersecurity regulations.

Cybersecurity Awareness and Training:

Drive cybersecurity awareness initiatives across the business unit, ensuring employees are educated on best practices, policies, and potential threats.

Collaborate with the Learning and Development team to deliver relevant cybersecurity training to employees within the business unit.

Promote a culture of cybersecurity awareness and responsible digital behavior among employees.

Cybersecurity Reporting and Communication:

Provide regular updates to senior leadership on the cybersecurity posture, risks, and initiatives within the business unit.

Develop and maintain security metrics, dashboards, and reports to monitor and communicate progress on key cybersecurity goals and objectives.

Report on significant security incidents, potential vulnerabilities, and areas for improvement to both business unit leadership and the central cybersecurity team.

Project Management and Execution:

Lead the execution of key cybersecurity projects and initiatives within the business unit, ensuring that security solutions are implemented in alignment with business objectives.

Oversee the integration of cybersecurity measures into new systems, applications, and business processes.

Ensure that security projects are completed on time, within scope, and in compliance with organizational security standards.

Continuous Improvement:

Continuously monitor industry trends and emerging cybersecurity threats to ensure the business unit remains resilient against evolving risks.

Work with cross-functional teams to recommend and implement security improvements based on lessons learned from incidents, audits, and new technologies.

Stay updated on the latest cybersecurity innovations, tools, and techniques to improve business unit security.

Key Stakeholders - Internal

Business Unit Heads and Department Heads

Business Unit Cyber Lead

Information Security and IT teams

Legal and Compliance teams

Risk Management Teams

Enterprise Cybersecurity Team

HR and Learning & Development Teams

Key Stakeholders - External

Regulatory Authorities and Compliance Organizations

Security Vendors and Third-Party Service Providers

External Auditors and Consultants

Third-Party Vendors and Partners

Qualifications

Educational Qualification:

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.

Advanced degree (e.g., Master's, MBA) in Cybersecurity, Information Assurance, or a relevant discipline is highly desirable.

Certification:

Industry certifications such as CISSP, CompTIA Security+, or CISM are preferred.

Solid understanding of cybersecurity risks, policies, and regulatory requirements (e.g., ISO 27001, NIST, GDPR).

Work Experience (Range of years):

2+ years of experience in cybersecurity, with a focus on risk management, security operations, or system security.