Avanade Inc. Group Manager, Advisory Services, Information Security in Boston, Massachusetts
Director NA Security Advisory - Job description
The Security Advisory team is comprised of seasoned business leaders with deep knowledge of information Security. We develop trusted relationships with our clients to guide them in solving business problems and building mature security practices within their organizations.
The ideal candidate for this role would have functioned as a security leader (CISO, VP or Director of Information Security).
This role requires a deep knowledge and experience in delivering and managing Information Security programs, including IT Security Strategy, IT Security Operations, Security Training and Awareness, IT General Controls Compliance and Audit Management, IT Forensics, Identity and Access Management, Cybersecurity, Data Privacy, And IT Risk.
Sales and Marketing Alignment
o Act as a trusted advisor to clients at the senior and executive level.
o Develop and maintain go to market strategies around information security, data privacy, IT compliance, IT risk, and data governance
o Develop and maintain sales enablement and training to educate sellers on all security related topics
o Drive sales and revenue through business development activities
o Describe Services offerings in detail, understand pricing models, reference accounts, past engagements and demonstrate offering differentiators and value.
o Identify pre-engagement requirements (goals, budgeting, timing, etc.), assist with technical scoping, project pricing and proposal development
o Lead internal and client-facing account management strategy and planning sessions and formal proposal presentation
Advisory Service Delivery:
o Develop a rich strategy that formalizes risk into a comprehensive program for management to assess areas of concern
o Build and plan governance programs that ensures all information security controls are adequately maintained and reported on through a GRC process
o Develop and publish comprehensive organization-wide information privacy and security strategies, plans, policies, procedures, and guidelines
o Manage the development, implementation, and maintenance of security policies, standards, and guidelines
o Direct the development and enforcement of information security and privacy policies in compliance with internal and external standards
o Identify current security infrastructure and define what kind of security must be designed and implemented in order to meet organizational requirements
o Coordinate contract efforts when addressing cross-border data transfers
o Research and maintain proficiency in tools, techniques, countermeasures, and basic trends in computer and network threats and exploits
o Maintain a vulnerability management program where risk prioritizes work effort
o Maintain appropriate security measures and mechanisms to guard against unauthorized access to electronically stored and or transmitted information and reasonably protect against anticipated threats and vulnerabilities
o Create project status reports and briefings on security matters for clients
o Conduct client risk analyses and assessments to ensure there are solutions in place to mitigate those risks
o Provide clients with up-to-date information on different threats and security vulnerabilities that organizations may face
o Ensure compliance through adequate training programs and oversight of periodic internal security audits
o Provide guidance and training to client information owners and design and implement programs for user awareness, compliance monitoring, and security compliance
o Assess audit results and partner with client IT staff to create pragmatic action plans and monitor the execution and completion of action plans
o Coordinate client audit and assessment processes to verify compliance with established controls
o Coordinate client information security audits, tests and reviews
o Work with client legal teams to ensure data protection practices are consistent with international regulatory requirements
o Partner with client IT management to develop and maintain best practices and policies for security of all internal systems
o Partner with client legal and HR organizations to contact IT security and technology forensics analysis against any suspicious activities with primary emphasis on networks, desktops and laptops, servers, and critical applications
o Manage third-party forensics partner during significant client incidents
o Lead a team in the design, development, deployment and support of an enterprise identity and access management system
Experience in a Security leadership role
o Bachelor’s degree in computer science, engineering, mathematics or related discipline. Masters preferred.
o 8+ years practical experience in IT security related positions (IT security manager, security auditor, security analysts, etc.)
o 5+ years of practical consulting experience in both delivery and sales enablement
o CISSP, CISM, CISA, CEH, ITIL, and project management certifications preferred
o Must be articulate, consensus building, and persuasive leader who can serve as an effective member of the senior advisory team and communicate information security related concepts to a broad range of technical and non-technical clients
o Must demonstrate the ability to maintain strict confidentiality of the company’s clients, internal and personnel affairs
o Ability to manage multiple concurrent objectives or activities, and effectively make judgments in prioritizing and time allocation in a highly matrix environment
o Ability to deal with changes and adapt to a changing environment
o Ability to work well with others, harness different skills and experience, and build a strong sense of team spirit
o Highly self-motivated and directed
o Ability to work in a home office environment and a willingness to travel to other offices and client sites as required
o Travel expected to be 75%
o Excellent verbal communication and writing skills
o Excellent presentation skills – prepared and deliver formal and informal presentations to illustrate ideas, solutions, and issues to upper management
o Project management experience
o Must have strong documentation/technical writing skills
o Must demonstrate professionalism and maturity when working with clients, peers, senior management, and vendors
Avanade® Is An Equal Opportunity Employer. Avanade prohibits discrimination and harassment against any employee or applicant for employment because of race, color, age, religion, sex, national origin, gender identity or expression, sexual orientation, disability, veteran, military or marital status, genetic information or any other protected status.
Avanade® Is An Equal Opportunity Employer. Avanade prohibits discrimination and harassment against any employee or applicant for employment because of race, color, age, religion, sex, national origin, gender identity or expression, sexual orientation, disability, marital status or any other protected status. Avanade is also committed to providing accommodations for persons with disabilities in accordance with the Accessibility for Ontarians with Disabilities Act .
Requisition ID - 46184
Avanade is the leading provider of innovative digital and cloud-enabling services, business solutions and design-led experiences, delivered through the power of people and the Microsoft ecosystem. Majority owned by Accenture, Avanade was founded in 2000 by Accenture LLP and Microsoft Corporation and has 30,000 professionals in 24 countries. Visit us at www.avanade.com.