Westfield, LLC

Apply for this job

IT Information Security Manager (Information Technology)



IT Information Security Manager


We're looking for a IT Security Manager to be part of a growing global IT department who is a collaborative and experienced Security professional.

 

As an IT Security Manager, you will be an essential member of Unibail-Rodamco-Westfield's (URW) IT Security Team and notably by strongly contributing in the building of the new Group Information Security framework. You will also be responsible the development, delivery and compliance of a comprehensive information security and privacy program for the U.S. and will strongly collaborate with the European teams, under the supervision of the Group CISO, to ensure Information Security consistency throughout the Group. To ensure URW provides optimal experiences, this person will be skilled at enabling URW people and programs to protect URW customers, brand and confidential information through ensuring the use of secure products and services and secure operational practices to best meet the needs of URW's business objectives.

 

We are looking for an IT Security Manager with:

Strategy & Planning:

  • Enabling Unibail-Rodamco-Westfield business strategy through the execution of information security services and capability
  • Overseeing execution of the information security maturity roadmap
  • Developing and maintaining URW's information security strategy encompassing all computer systems, technology infrastructure and technology devices
  • Developing and maintaining of information security policies, standards and guidelines, complying with relevant U.S. and global information security guidelines and standards, including regular testing as appropriate
  • Improving the customer experience and protecting URW customers and staff through awareness activities and the implementation of protective controls
  • Reviewing the technical security of the URW operational systems
  • Working with wider security, risk and compliance parties and other stakeholders outside of IT within URW to ensure aligned strategies and segregation of duties
  • Work with the U.S. Business Continuity and Disaster Recovery planning and execution, including regular audit and testing of process and technology.

Risks and Incidents:

  • Assisting as the main point of contact for internal and external teams for escalation of Information Security incidents in the US
  • Overseeing incident response planning in the US as well as the investigation of information security breaches, and assisting with disciplinary and legal matters associated with such breaches as necessary. This includes reporting to Senior Management on any significant breaches of information security
  • Working with the U.S. IT Leadership Team to create and maintain of the service level agreements relating to the areas of responsibility
  • Managing information security risks through assessing, mitigating (to an acceptable level) and monitoring risks, working with business and technology risk owners
  • Working with URW's financial auditors to ensure the IT controls are in place to support signoff of the financial audit
  • Managing supporting suppliers that relate to the provision of Information Security services including regular service review in conjunction with the U.S. IT Leadership Team where appropriate, with meetings documented with agreed actions
  • Manage IT Risk Management for the U.S. team. and contribute in the Group IT Risk Management framework.
  • Providing out of hours on call escalation for IT Security, business continuity and disaster recovery incidents

Projects:

  • Ensuring that information security is an embedded and a critical part of the project delivery lifecycle and service operations – supporting project leadership in identifying these requirements and upskilling as required
  • Providing oversight to specific information security programs and driving continual improvement to enhance URW's maturity of information security related capabilities and functions
  • Responsible for risk assessments on new installations, software applications and connections to wide area networks, 3rd party or public access points
  • Providing contractual support for new services, renewals and supplier changes relating to the provision of information Security

Preferred Qualifications include:

  • A degree in IT or relevant business topic (desirable)
  • Proven experience of working in information security
  • Certified Information Systems Security Professional (CISSP)
  • Expert knowledge of current information security standards and guidelines
  • Strong process management and control skills, with experience in developing policies and processes
  • Expert in methods and techniques for risk management, business impact analysis, countermeasure and contingency arrangements
  • Extensive knowledge of good security practice covering the physical and logical aspects of information products, systems integrity and confidentiality
  • Ability to balance the benefits of optimized security with the cost of providing it, to promote the best overall interests of the business
  • Knowledge of industry trends in information security (e.g. PCI compliance)
  • Third party management and vendor selection skills
  • Understanding of application development, testing and project management techniques and methodologies (AGILE, DevOps, etc)
  • Good knowledge of IT Operations (ITIL)
  • Management skills to coordinate a small team
  • Experience in international context, particularly in working with European teams
  • Speaking French is a plus

Unibail-Rodamco-Westfield (URW) is an equal opportunity employer that embraces the diversity of backgrounds, perspectives, experience, and skills. We offer a collaborative, innovative, achievement-focused culture with unique opportunities for growth in a global company and we evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other legally protected characteristics.


#LI-MF1

Apply
Apply Here done