DNEG: Information Security

Information Security Program Manager

1           Job Description

1.1                        Overview

DNEG’s expanding Information Security (InfoSec), Governance, Risk and Compliance (GRC) and Data Privacy programs have the requirement to add an experienced Information Security Program Manager to the expanding global team. The role will be responsible for successfully managing and steering the Information Security program management function within DNEG. The InfoSec team are responsible for ensuring that the confidentiality, integrity, and availability (CIA) of its, and client’s, confidential data, PII and systems and services are always maintained. It’s for this reason that an experienced Program Manager (PGM) function is required to work collaboratively with the team, peers, and business stakeholders to ensure that all the InfoSec projects initiatives are aligned, maintained, and managed effectively to meet the requirements of both tactical roadmap requirements and to the overall successful delivery of the InfoSec program.

1.2                        Mandatory Requirements and Expectations

An experienced individual that works in a methodical and concise manner is required to successfully manage the InfoSec program at DNEG.

●        Experience of working within a multi-faceted InfoSec program management role.

●        Have excellent inter-personal, written and presentation skills.

●        Working closely with the CISO and the team to successfully prioritize and deliver security program requirements.

●        Experience of working within a dynamic and technically diverse environment.

●        Demonstrable experience of delivering, maintaining, managing multiple projects, and effectively delivering all required reporting activities.

●        Strong understanding of business protocols and processes.

2           Duties and Operational Responsibilities

●        Manage, maintain, and mature the InfoSec program management function.

●        Work proactively with the InfoSec team to ensure that all deliverables are suitably tracked and reported against.

●        Be highly proficient in project management methodologies and practices.

●        Have the capability to work independently and as part of a team.

●        Have strong experience in project forecasting, problem resolution and presentation delivery.

●        Utilize effective task management, communication, and leadership skills.

●        Work in close partnership and collaborate with peers and internal technical teams.

●        Steer and manage all reporting initiatives as they relate to the InfoSec and Privacy programs.

o         This includes managing and maintaining monthly and QBR reporting requirements.

3           Job Requirements

3.1                        Mandatory Job Requirements

A successful candidate will meet the majority of the requirements listed below and will be able demonstrate suitable experience in competencies in each of the following:

●        10 years, plus/minus, of working within, or leading, a technical project/program management function.

●        Be able to demonstrate technical proficiency.

●        Highly motivated and bring a forward thinking and highly collaborative approach to InfoSec program management function.

●        Demonstrable delivery of all program/project management requirements:

o         Planning and associated forecasting activities.

o         Project tracking and monitoring.

o         Leading and delivery of project/program reporting.

o         Utilizing leadership and communication skills to present and manage meetings within the team, with stakeholders and program sponsors.

●        Knowledge of Information/Cyber Security processes and methodologies.

●        Knowledge of risk management.

●        A strong team player with a positive professional manner.

●        Experience and demonstrable, high-level knowledge, of the following:

o         Working within either a hybrid or cloud native environment and their associated concepts and application.

o         Understanding of InfoSec frameworks.

o         Understanding of software development methodologies, e.g., Agile and DEVSECOPS.

o         Understanding of Data Privacy legislation, e.g., GDPR

o         Understanding of audit processes and the importance of tracking and ensuring suitable corrective action is suitably tracked and maintained.

●        Experience of working collaboratively with a PMO function and ensuring that InfoSec and Privacy requirements are suitably addressed as part of the wider list of PMO tracked projects and initiatives.

●        Document and create qualitative and quantitative reporting relating to the InfoSec and Privacy programs.

3.2                        Desired Job Requirements

A successful candidate will have experience with the desired requirements listed below and will be able demonstrate suitable experience in competencies in each of the following:

●        Understanding of the following project management methodologies:

o         Critical Chain Methodology

o         Agile Methodology

o         Waterfall Methodology

o         Scrum Methodology

●        Technically proficient and understand the following:

o         Vulnerability Management

o         Audit processes and procedures

o         Project Management toolsets

3.3                        Education

●        A bachelor’s degree in IT or Computer Science is desirable, but not essential.

●        Any Project Management certifications, e.g., Project Management Professional (PMP), PMI Agile Certified Practitioner (PMI-ACP), PRINCE2 is desirable, but not essential.

●        A Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) is preferred.