Manager, Security Engineering and Engagement at Greif

Greif is a leading supplier of industrial packaging products and services. With strategic locations throughout more than 37 countries, Greif remains steadfast in its commitment to being the highest performing customer service entity for its global and regional customers around the world.

We are recruiting to fill the position below:

Job Title: Manager, Security Engineering and Engagement

Location: Lagos (Remote)
Employment Type: Full Time

Job Description

• The Security Engineering and Engagement Manager (ISM) is a hybrid technical/managerial role reporting to the Senior Director of Global IT Security. The ISM serves as the interface between the strategic and process-based activities of the Sr. Director and the technology-focused activities of the IT Security team and other departments. The role coordinates the team’s security activities and provides regular updates to management. The role may lead one or more individuals in a supervisory capacity.
• This role requires a strong technical background and an understanding of organizational priorities and business needs along with a risk mindset. The ISM will ensure that security measures are incorporated into strategic IT plans and that expectations are clearly defined. The role will work with business and IT stakeholders to balance risks with business drivers such as performance, agility, supportability, and acceptance.
• The ISM must be able to prioritize work efforts while balancing a wide range of tactical and strategic activities. The ISM may be responsible for managing technical resources in a direct supervisory capacity or in project management roles. Documentation and presentation skills, analytical and critical thinking, identifying issues and taking initiative are important aspects of successful execution in this role.

Key Responsibilities
Team Management:

• Lead one or more security professionals in execution of team goals, overseeing deliverables and assigning resources to meet targets.
• Align with leadership on performance plans and goals, and evaluate team talent accordingly; provide feedback and recognition to team members; participate in talent management processes.
• Evaluate, interview, and select candidates as necessary to fill staff openings.

Security Strategy, Governance, and Risk Management:

• Research and stay informed of potential information security threats, industry trends, emerging technologies, and response alternatives.
• Analyze security risks, including business-related risks, and recommend mitigations and plans to reduce the overall company risk profile.
• Develop recommendations for security program improvements to align with company risk tolerance and security goals.
• Develop and improve information security policies, procedures, and guidelines; assist with approval, tracking and reporting of security exceptions as the need arises.
• Understand major regulatory and legal issues and work with auditors to demonstrate processes and ensure appropriate controls are in place to meet compliance obligations.

Solution Acquisition & Deployment:

• Participate in the research, planning, selection, and implementation of security solutions, including but not limited to endpoint security, encryption, firewalls, identity management, authentication, intrusion detection, and gateway security controls.
• Review vendor capabilities and document selection criteria for security solutions.
• Conduct analysis of alternatives to determine best-fit solutions.
• Serve as a technical subject matter resource providing expertise in the security domain and provide technical direction to lead appropriate work on security related projects.
• Collaborate with other teams on key projects to ensure that security requirements and needed controls are identified and addressed throughout the project life cycle.
• Lead or participate in contracted security engagements as needed, including external assessments or penetration tests. Drive remediation or next steps discussions through partnership with internal and external business and IT.

Security Incident Response:

• Serve as a backup escalation contact for incidents reported by managed service security operations center.
• Analyze incident information and engage other IT resources as needed to resolve incidents promptly along with the incident response team.
• Recommend activation of incident response plan if needed; may serve as an incident commander or as a backup.

Operational Management:

• Maintain, manage, and monitor compliance with security control frameworks such as NIST, PCI and other state, federal, and international laws.
• Monitor the capabilities and performance of security solutions and partner with suppliers to correct issues promptly.
• Resolve problem tickets promptly with closed-loop engagement with internal or external customers.
• Engage in regular assessment of the current IT security environment to identify weaknesses and work with IT management to develop opportunities for improvements such as reducing complexity, reducing time and cost, and increasing operational effectiveness.
• Participate in the design, development, and delivery of security training and awareness programs, including phishing simulations, awareness articles, and training classes.
• Other duties as assigned.

Education and Experience

• Bachelor’s Degree in the field of computer science, information systems, or information security and 5 years equivalent work experience
• Excellent organizational skills and a high degree of accuracy and attention to detail required.
• Ability to work independently and in a team environment while meeting deadlines with minimal direct supervision required.
• Certification (CISSP, GSEC, or equivalent) preferred

Knowledge and Skills:

• Knowledge of technological trends and developments in technology relating to security and risk management, threats, defensive technologies, industry experts, etc.
• Knowledge of information security standards, data privacy laws, computer crime laws, and federal data protection laws, etc.
• Strong knowledge of enterprise security technologies, e.g., Virtual Private Network (VPN), Virtual Desktop Infrastructure (VDI), Encryption, Firewalls, Intrusion Detection/Prevention, and Endpoint Security Platforms.
• Understanding of and experience with network protocols including switches, routers and routing technologies.
• Strong working knowledge of cloud security concepts, Microsoft Windows Server environments, Microsoft Exchange, virtual servers, and other enterprise-wide applications.
• Knowledge of information security audit and assessment methodologies, policies, standards, procedures and best practices.
• Ability to conduct risk management assessments.
• Provide assistance with identification, prioritization and remediation of information systems vulnerabilities.
• Experience working with managed solutions providers for security components such as antivirus and managed detection and response (MDR) vendors.
• Proven knowledge of systems development life cycle methodologies.
• Ability to work in a flexible environment where requirements and procedures continuously evolve.
• In some circumstances, may be contacted in emergencies on a 24x7 basis
• Highly self-motivated and self-directed.
• Ability to absorb new ideas and concepts quickly.
• Strong analytical and troubleshooting abilities.
• Has a keen attention to detail.
• Ability to effectively prioritize and execute tasks in high-pressure situations.
• Ability to make technical decisions with limited resources and precedence.
• Very strong customer service orientation.
• Strong written, oral, interpersonal, and presentational skills.
• Experience working in a team-oriented, collaborative environment.
• Ability to use discretion and handle sensitive/confidential information.

Salary
USD145,000.00 - USD175,000.00 per year

Application Closing Date
Not Specified

How to Apply
Interested and qualified candidates should:
Click here to apply online