What success looks like in this role:
The Security Consulting Manager plays a crucial role in maintaining a secure client environment and in meeting our contractual requirements. In this client-facing role, you will need to be involved in all aspects of the client engagement, from the design of the solution to the implementation phases of the project You will mainly be involved in overseeing information security issues in the steady-state delivery of large Enterprise engagements.
You will deliver value to client engagements by:
1. Maintaining a Security Risk Register that holds the up-to-date status of all risks within the scope of the services to be delivered for projects and BAU operations, the impact on business from those risks and agreed with mitigations/controls to manage those risks
2. Documenting and articulating business requirements and of evaluating the functionality, costs and benefits of potential business solutions to meet those requirements.
3. Monitoring and reporting on the remediation activities to mitigate the risks as part of projects or BAU operational reports
4. Maintaining a fit for purpose set of security standards that are applicable for applications (e.g. NIST) ISM infrastructure and Operations
5. Validating and updating the risks progressively through periodic tests designed to maintain their currency from changing business operations or technology landscape efficiently and effectively
6. Raising incident reports as and when security incidents get reported via Unisys SOCs, and working with client IT Operations Lead to implement mitigations/controls in a timely manner
7. Providing security requirements for any new solutions), and verifying that the solution components or designs meet those requirements efficiently and effectively, working closely with the technical teams.
You will be successful in this role if you have:
8. Knowledge & Experience in NZISM (New Zealand Information Security Manual)
9. Ideally you will have an NV1 Security Clearance or be able to obtain one
10. Minimum Bachelor's Degree (Specialization in Info Security is required)
11. Background in GRC and consulting/advisory interest is highly considerable
12. 7+ years of proven experience in the Information Security domain
13. Strong stakeholder management and rapport building skills
14. Demonstrated experience in reporting to CISO/senior security leadership is highly advantageous
15. Adept at understanding the overall security/threat landscape and proposing solutions to mitigate risks from this environment
16. Excellent understanding of tools and processes used for strengthening information security posture (Infrastructure Security devices – IDS/IPS, FW, VPN; ISO 27001 controls)
17. Excellent verbal, written and presentation skills and ability to work with virtual teams
18. Must have a good understanding of IT infrastructure architecture
19. Must be an intelligent, articulate and persuasive individual who can serve as an effective advisor to the senior client security leadership
20. Able to communicate security-related concepts to a broad range of technical and non-technical staff and drive security across multiple teams
21. Ideally you will have or seeking to obtain Security certifications such as – CISA, CISM, CISSP, ISO 27001 etc.
Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law.