Register  |  Log In  |  Contact Us

Information Security Manager, Crown Jewels Program Lead

Reference
JREQ083698
Contract Type
Permanent
Sector
IT, Legal, Risk
Location
Nottingham
Salary
Competitive
Expiry Date
17/07/2017
We seek an ambitious and business focused Information Security Manager to join the Governance & Risk team within Information Security Risk Management (ISRM).

Job Description

 

Description

We are the leading source of intelligent information for the world's businesses and professionals, providing customers with competitive advantage. Intelligent information is a unique synthesis of human intelligence, industry expertise and innovative technology that provides decision-makers with the knowledge to act, enabling them to make better decisions faster. We deliver this must-have insight to the financial and risk, legal, tax and accounting and media markets, powered by the world's most trusted news organization.

Position Title: Information Security, Crown Jewels Program Lead

Business Unit: ET&O

Product or Service: Information Security Risk Management (ISRM)

Role Summary:

The Governance & Risk team provides risk management oversight for the company including the management of major governance initiatives. This includes a new “Crown Jewels” governance program to ensure that the most critical assets are subject to the highest levels of control and protection.


The successful candidate will be expected to oversee the development and rollout of a significant information security governance project designed to establish the Crown Jewels program.

Main Responsibilities / Accountabilities: 

  • Work with stakeholders in the Business Units and Information Security to define and agree the controls and associated processes that will be applied to the Crown Jewel assets, ensuing alignment with other governance processes.
  • Manage the program to assess control gaps for a pilot set of assets and implement remediation plans. 
  • Extend the governance program to cover all Crown Jewel assets and provide status reports on the progress
  • Resolves issues across multiple teams and manage dependencies between projects
  • Develop management reporting to highlight risks with critical assets to support transparent risk decision making.
  • She/he will support strategies that guide the organization towards making effective risk decisions. They will be comfortable and confident when articulating recommendations to Senior Management, Business stakeholders and/or our Technology Partners.

Key Relationships: 

  • ISRM colleagues
  • Program Stakeholders (e.g. ET&O project leads, Privacy, Finance, HR)
  • Control owners in business units
  • Business Unit Security Officers
  • Internal Audit and other governance groups

 

Qualifications
Essential Skills and Experience:

  • Understanding of information security fundamentals and general security technologies
  • Strong organization, prioritization, and rationalization skills
  • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
  • An ability to effectively influence others to modify their opinions, plans, or behaviors
  • An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
  • An understanding of organizational mission, values, and goals and consistent application of this knowledge
  • An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner
  • Strong knowledge of or business experience in other business units or functional areas outside Security
  • Extensive understanding of critical program/project management techniques and an ability to motivate and lead team members

 

Desired Skills and Experience: 

  • Undergraduate degree or equivalent experience.
  • Extensive experience of information security, particularly with focus on risk management or governance programs.

Education/ Certifications: 

  • Certified Information Systems Security Professional (CISSP) or CISA 

 

At Thomson Reuters, we believe what we do matters. We are passionate about our work, inspired by the impact it has on our business and our customers. As a team, we believe in winning as one - collaborating to reach shared goals, and developing through challenging and meaningful experiences. With over 60,000 employees in more than 100 countries, we work flexibly across boundaries and realize innovations that help shape industries around the world. Making this happen is a dynamic, evolving process, and we count on each employee to be a catalyst in driving our performance - and their own.


As a global business, we rely on diversity of culture and thought to deliver on our goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under country or local law. Thomson Reuters is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace.


Intrigued by a challenge as large and fascinating as the world itself? Come join us.

To learn more about what we offer, please visit careers.thomsonreuters.com.

More information about Thomson Reuters can be found on thomsonreuters.com