Position Summary
The Regional Security Lead reports to the Head of Security and is responsible for the day-to-day operations and relationship management to support and augment the Head of Security's overall capabilities within the region. The Regional Security Lead is an advanced role supporting the entire information security function, providing leadership, executive support, strategic and tactical guidance, and complete execution for a world-class information security team supporting global enterprise security initiatives. The Regional Security Lead supports and reports on strategic planning and execution of enterprise security systems, applications, and operations, ensures business decisions are made using sound security principles, and supports corporate security policies and plans, preventing any actual or perceived obstruction by the information security team.
Job Responsibility & Duties
•Serve as the Head of Security representative when the Head of Security is not available, including making decisions usually made by the Head of Security.
•Act as a trusted point of contact for executive leadership, security management, and business units.
•Work closely with security leadership overseeing security operations, incident response, application security, and infrastructure.
•In conjunction with security leadership, define key performance indicators (KPIs) and metrics aligning with business initiatives and deliver to non-technical teams in terms that easy to understand.
•Act as a liaison to ensure information security practices are built into business initiatives throughout their lifecycle.
•Oversee testing and validation of security controls across projects, ensuring delivery on-time and within budget.
•Understand and be involved in disaster recovery and business continuity planning, testing, and validation.
•Be actively informed and engaged in daily security operations.
•Offer mentoring to security leadership to support people-first leadership principles.
•Require security leadership and teams to consistently learn and share advanced knowledge and practices that promote excellence.
•Be actively informed and engaged in security projects across the business.
•Enforce a strong security culture set forth by the Head of Security, ensuring uniformity across security leadership, business units, and employees.
•Foster strong relationships with internal business units and external entities to maintain a strong network.
•Advise on enterprise-wide people, process, and technology security recommendations.
•Maintain up-to-date knowledge relating to security threats, vulnerabilities, and mitigations to reduce the attack surface; circulate this knowledge throughout the business.
•Implement a continuous vulnerability assessment and exposure analysis process and align technical teams to address a timeline for remediation and validation across applications and infrastructure.
•Require and support independent verification and validation testing of the company networks and data protection through internal team resources and independent consulting engagements.
•Provide motivation staff to adopt, align, and optimize security controls.
•Remove complexity and obstacles that hinder efficient security controls.
•Build relationships key stakeholders to deliver security-by-design controls incorporated into projects, architecture, infrastructure, and applications.
•Verify security content training initiatives, as well as internal and external communication are conducted regularly.
•Stay abreast of new laws, regulations, and standards, and assess their impacts to the business.
•Sponsor vendor and technology solution and consulting selection as needed.
•In tandem with the Head of Security , manage the security budget and additional fiduciary responsibilities.
•Openly support the Head of Security, management team, and executive leadership, even during tumultuous times.
•Perform other duties as assigned.
