IT Security, Risk and Compliance Metrics & Reporting Manager-INF0002585
About the General Motors Security team:
GM’s Information Security and Risk Management Team protects and defends the company’s information, networks and infrastructure. We are looking for talented Information Security and Risk Management Professionals in the fields of incident response, cyber-intelligence, enterprise security architecture, digital forensics, application security and compliance with the passion and expertise to perform in a complex, global environment amidst today’s evolving threat landscape.
About the role:
This role provides targeted and quantifiable reporting of IT Security Management activities across all groups within IT Security. This includes all aspects of the metrics/reporting lifecycle management. This function works with all technology groups, lines of business, and corporate functional areas to define, gather and analyse metrics. This function provides targeted reporting to all levels of IT and Business management. They are also responsible for the continuous improvement of the IT Security benchmarking and metrics programs by identifying new metrics, analysis methodologies, and new methods of reporting, including trending analysis.
- Gathering and consolidation of security, risk, and compliance related information; this includes collection of metrics across technology functions
- Analysis of IT security, risk, and compliance metrics and reporting needs.
- Defining IT security, risk, and compliance metrics requirements, including key indicators and threshold reporting.
- Facilitation and management of metrics and reporting implementation.
- Data quality and validation checking.
- Performing analysis of IT security, risk, and compliance metrics and identifying trends.
- Dash boarding and reporting results to IT management
- Manages and provides leadership and mentoring to a security staff reporting to them.
- Manages security metrics for all levels of GM leadership, measuring and reporting on effectiveness and performance in order to demonstrate value.
- Identify critical IT security metrics and key performance indicators in order to build and maintain a comprehensive IT security metrics program that provides executive management with critical insight to the overall effectiveness and value of GM’s IT security program.
- Identify critical GM goals and objectives that are affected by the GM IT security program and define metrics that can be collected to measure the support of these goals including trending analysis over time.
- Minimum 8 years’ experience in IT security governance
- Minimum 6 years in the development of IT security metrics and benchmarking
- Minimum 3 years’ experience in a security management or leadership role.
- Experience in statistics and mathematical analysis is preferred.
- Strong business, leadership, and management skills including:
- Ability to make recommendations and influence decisions based on business value.
- Ability to work in a dynamic and fluctuating environment.
- Outstanding collaboration, team, and interpersonal skills.
- Outstanding communication and presentation skills.
- Demonstrated ability to apply analytical and problem solving skills to program management.
- Strong technical leadership skills with ability to forge effective teams “leading by example” demonstrating the qualities expected of subordinates.
- Proficiency in a wide range of information security technologies and platforms including networks, applications, databases, storage, severs, and endpoints.
- Deep understanding of the principles and practices of IT Security Governance including security policies, metrics, and benchmarking.
- Ability to identify and recognize suitable candidates for security metrics and key performance indicators, including collection techniques, analysis techniques, verification and validation techniques.
- Ability to collate, analyze, and report on data in a manner that demonstrates relevance and impact to the supported business.
- Ability to identify and recognize trends in data analysis, interpreting significance and changes in risk posture.
- Knowledge on the building, and maintaining a balanced scorecard.
- Demonstrated ability to apply industry standards, frameworks, and best practices including ISO/IEC 27001 and 2002, COBIT, and ITIL.
- Bachelor’s degree in Information Systems, Business Administration or related field acceptable with five to eight years of experience in information technology required or equivalent experience
- Master’s degree preferred
- Certified Information Security Systems Professional (CISSP) certification
- Obtained certifications in one or more of the following Preferred:
- CIA, CISM, CISA, CGEIT or CRISC
Why General Motors?
At GM, we’ve charged ourselves with one mission: to design, build and sell the world’s best vehicles. And to achieve our goals, we’re currently undergoing one of the largest Information Technology transformations in the history of the automotive industry.
GM IT is a leader in cutting edge technologies such as Mobility, Telematics, Mission-Critical Business Systems, Supercomputing, Vehicle Engineering, and Real-time Computing. We offer challenging positions for passionate professionals looking to get in on the ground-floor of a growing “Fortune 5” firm that is re-inventing IT with a laser focus on Innovation, Speed, and Business Value.
Join our team and experience Information Technology at a scale and pace not seen before!
Primary Location: US-MI-Detroit
Posting Date : Sep 25, 2012, 1:34:57 PM - Ongoing
Job: Information Technology
Growth opportunities at GM for talented people are as wide as the world.
From the design and engineering of new state-of-the-art plants...