The Security Tower Leader is responsible for analysis of the Security requirements and corresponding solutioning for our most strategic IT outsourcing opportunities. The Security Tower Leader is also responsible for the creation of security strategies and he or she also advises and collaborates with the client security executives and other IS executives who are responsible for directing projects for network and systems security.
In general, the Security Tower Leader is charged with the responsibility for building an accountable, information security-conscious solutions and a system security infrastructure built on high quality standards backed-up by effective operational procedures as well as regular status monitoring and reporting activities.
- Serve as an expert advisor to our clients’ senior management in the development, implementation and maintenance of a Company-wide information security infrastructure that ensures best practice control objectives for system integrity, availability, confidentiality, accountability and assurance within the context of the Company's risk tolerance as set by senior management.
- Identify and propose key information security program priorities, initiatives, plans, practices and tools.
- Provide guidance (e.g., information security risk severity assessments / relative cost benefit analysis etc.) and provide recommendations regarding prioritization of system security infrastructure investments that mitigate risks, strengthen defenses and reduce vulnerabilities.
- Draft and propose information security strategy and action plans based on risk assessment and gap analysis.
- Develop, publish, and maintain comprehensive information security standards, policies, procedures and guidelines.
- Advise the deal team on risk issues that are related to information security and recommend actions in support of the risk management programs.
- Monitor information security trends and evolving technologies as well as keep portfolio informed about related information security issues and implications for our solutions
- Provide guidance to clients as necessary to investigate security breaches and to pursue associated potential disciplinary and legal actions in collaboration with the Corporate Human Resources and Legal departments as appropriate.
- Maintain relationships with local, state, and federal law enforcement and other related government agencies as needed.
- Engage and direct outside consultants as appropriate for support of the opportunity
- Solution regular and ongoing monitoring of and reporting on Company-wide compliance with information security standards and policies.
- Able to collaborate with clients Internal Audit as a business advisor on information security matters.
- Direct the development of information security and privacy policies in compliance with federal and state regulations and standards.
Knowledge of HP services, offerings and capabilities (or equivalents)
- Must be an intelligent, articulate, consensus building, and persuasive leader who can serve as an effective member of a dynamic pursuit team and communicate information security-related concepts to a broad range of technical and non-technical team members at all levels of the organization
- Should have experience with business system continuity planning, auditing, and risk management as it relates to information security.
- BA, BS or Master degree in a computer science or information systems related discipline, A Masters in Business Administration a plus.
- Eight to ten years of progressive leadership experience in computing and information security, including experience with large opportunity/pursuit with ITO and Apps opportunities
- Fortune 500 company experience desired.
- Demonstrated experience with advising and effectively guiding senior management as to information security matters.
- Chief information security officer experience preferred.
- Ability to work and effectively prioritize in a highly dynamic work environment.
- Experience with information system disaster recovery planning and testing, auditing, risk analysis, business system resumption planning, and contingency planning.
- CISSP or other security certification/accreditation preferred.
HP Portfolio service offerings, costing parameters, associated methods/tools
HP delivery capabilities and methods, service delivery tasks/processes, service levels and delivery tools/facilities
New service startup/large project planning/project mgmt experience
Market, competitors, competing products/services
Large pursuit experience
New business opportunity assessment, RFP response and proposal development, or new contract startups
Experience with HP solution development, governance processes, sales qualification/tracking/reporting methods/tools
Membership in "core" leadership group on new logo/large add-on business development projects or startups
Interact with customers regarding potential business/technology improvement, value of HP offerings and solutions. Qualify, influence and shape client requirements and expectations
Develop relationships with client leaders, influence decision criteria and align client value expectations to HP capabilities
Persuasively interact with client executives, explaining HP solutions, value propositions and potential impact on client business drivers
Participate in customer site visits to gather data, present solutions, perform due diligence
Analysis of client business objectives and operations, and current IT technical environment
Ability to proceed with incomplete or inconsistent data thru devising reasonable, consistent assumptions
Experience in Solution architect, technical lead or project management roles
Effectively communicate solution and benefits to clients, third party intermediaries, and internal leadership both verbally and in written form
Experience in designing/implementing complex technical solutions or operational service delivery
Understanding of the HP Managed Security Services portfolio which consists of comprehensive security services aligned to deliver end-to-end security solutions
Working knowledge of HP security policies, standards, certifications, etc
Understanding of global regulations related to security compliance across multiple industries and how they impact overall IT solutions
Willingness to commit to team goals and do whatever it takes to make team successful
Energized and motivated to compete and win; hates to lose
Core professional skills
Individual leadership and team interaction skills
Ability to mentor, coach and transfer skills/experience to others
Manage deliverables, budgets and schedules
Effectively participate on multiple concurrent project teams
Ability to travel up to three weeks per month (or located in Plano, TX area)
Ability to work flexible hours to achieve client deadlines
Pulling it all together to advance the pursuit
Knowledgeable of the technical aspects of the tower including Managed Security Services, Security Consulting Services, Security Governance
Experienced in designing and delivering solutions for real clients ("been there and done that")
Can clearly articulate their solution for the tower and explain why the solution is what it is and why that approach is of value to the client. Understands the pros and cons of the solution. Can explain how the solution meets the client's goals and objectives.
Can listen and adapt to client needs and discussions in "real time". Exhibits confidence in the solution but also exhibits flexibility and willingness to listen and adapt.
While possessing good technical knowledge, they must have a developed business acumen
Knows, understands and can readily discuss the pricing elements and key pricing drivers for their tower
Understands and can readily articulate how their tower or solution integrates with the larger holistic solution for the client, both technically and in terms of business value
Understands and can articulate all aspects of transition/transformation/migration from the current situation to the proposed end state. This includes major milestones, timelines and manpower (both supplier and client)
Understands and can articulate the solution from a people resource perspective -- tower solution maps seamlessly to the HR people plan (Personnel Projection Matrix)
Understands and can articulate all aspects of Financial and Operational Responsibility Matrix for their tower
Understands and can articulate their part of the ongoing delivery and Governance
Willingness to support service delivery startup of the solution post-contract signing if needed
Yes, 25 % of the Time
HP - 18 months ago
Hewlett-Packard Company, or HP, is an American multinational information technology corporation headquartered in Palo Alto, California, USA...