Job Specifications
Job Title: Security Engineering Assistant Manager
Location: Port Sunlight, UK
Job Purpose
The Security Engineering Assistant Manager role is tasked with delivering world class cyber security tools & services in partnership with our Business Owners (who operate these capabilities) and our partners. This partnership will generate value by ensuring that our key risks are appropriately managed, and we are continuously developing our capabilities to meet the needs of the business.
Responsibilities
The Security Engineering Assistant Manager is responsible for deploying and managing the cyber security technology stack to ensure our key cyber risks are being appropriately managed. This requires collaboration between our Business Owners (i.e. who operate these capabilities), our suppliers and our partners – all with the common goal of continuous improvement. This position will report to the Security Engineering Manager.
Key Areas Under This Role Includes
Managing our Cyber Security capabilities (in partnership with the relevant Business Owner) including SIEM, SOAR, CSPM, NDR, EDR / XDR, IDP, DAM, NAC, WAF, TVM, Email Security, Threat Intelligence Platforms, Security Validation Platforms, Penetration testing platforms, etc.
Defining (in partnership with the relevant Business Owner) the requirements for our capability and identifying any gaps that require addressing.
Partnering our Security Architecture colleagues in defining the capability roadmap.
Supporting any Proof-of-Concept (POC) projects by providing expertise / advice, supporting the testing, and assisting in collating the results (including the creation of the business case where required).
Being accountable for the deployment of our capability and ensure its adoption in all areas of the business including IT infrastructure, Hybrid Cloud, IT applications, OT, and IoT.
Responsible for Service Management of our cyber security capabilities through our defined framework (e.g. ITIL).
Collaborating with our Business Owners (e.g. SOC, Threat Intelligence, etc) and our suppliers to identify areas of improvement, optimisation, or opportunity - driving continuous improvement through our demand funnel.
Responsible for raising incidents and issues with our suppliers and ensuring a quick resolution.
Becoming a trusted advisor within the organisation that identifies areas of risk and provides technology-based solutions.
Main Accountabilities
Being the Service Owner for all your assigned cyber capabilities and being responsible for the Service Governance of these capabilities.
Responsible for overseeing the demand funnel and ensuring a continuous stream of improvement through each sprint cycle.
Responsible for the deployment of our cyber capabilities against the architectural design (even if responsibility is delegate to project teams or suppliers) and adoption with our business owners.
Responsible for compliance against Unilever policies, guidelines and standards especially those associated with platform / service ownership (cyber, CMDB, ITIL, etc).
Partnering with our Business Owners (e.g. SOC, Threat Intelligence, Engagement, etc.) and our suppliers to ensure we drive value from every technology investment to reduce our Cyber Risk.
Holding our technology suppliers and strategic partners (e.g. our Managed Security Services Provider or MSSP) to account.
Responsible for supporting Security Architecture in developing their cyber technology roadmap.
Responsible for supporting in Proof-of-Concept implementation, testing, analysis, and reporting.
Self-skilling yourself to an appropriate technical level to perform your role and be continuous informed of evolving risks, technology trends, etc.
Qualifications And Skills
A strong technical background in IT, IoT and OT.
Excellent written and verbal communication skills including the ability to be understood by both technical and non-technical personnel.
Stakeholder management and interpersonal skills at both a technical and non-technical level.
Ability to manage conflicting priorities and multiple tasks.
Ability to lead and deliver through others.
Ability to work both independently and in collaboration with international teams.
Outstanding analytical, critical thinking and problem-solving skills.
Customer-orientated, whether responding to queries or delivering new services.
Skills in Programme and Project Management.
Understanding of security principles, frameworks, and technologies
Knowledge in public cloud environments, network and system security concepts.
Knowledge of current cybersecurity trends, threats, and best practices.
Relevant certifications such as CISSP, CISM, or SANS GIAC are highly desirable.
Basic experience with programming languages such as Python, Bash, PowerShell, etc is desirable.
Familiarity with various security frameworks and standards (e.g., ISO 27001, NIST, MITRE, CIS).
Experience
Previous experience in deploying Service Management models (e.g. ITIL, COBIT, CMMI, etc).
Previously held a role
About the Company
Be part of the world’s most successful, purpose-led business. Work with brands that are well-loved around the world, that improve the lives of our consumers and the communities around us. We promote innovation, big and small, to make our business win and grow; and we believe in business as a force for good. Unleash your curiosity, challenge ideas and disrupt processes; use your energy to make this happen. Our brilliant business leaders and colleagues provide mentorship and inspiration, so you can be at your best.
Our portf...
Know more