RSA - Security Director - Security Business Unit
Primary Location: Bangalore,
Additional Location(s): Bengaluru, India
RSA helps the world's leading organizations solve their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing enterprise and cloud environments against today’s most sophisticated threats. Combining business-critical solutions in identity & authentication management, network forensics and GRC capabilities, RSA provides visibility and analytics to safeguard the identities and information of organizations worldwide.
Be a part of RSA’s internal security leadership team to develop, manage and lead the security program for the NetWitness Security business unit. Work alongside other RSA business unit leaders to mature RSA’s overall security program posture. This is an exciting opportunity to reimagine our internal corporate security infrastructure utilizing industry leading capabilities, thought leadership and program execution, while collaborating with our product engineering teams with their expansion DevOps transformation. The NetWitness Security business unit team is accountable for providing security architecture & engineering, governance, risk & compliance (GRC), Incident Response, physical security, data protection/privacy and product security expertise to the business. We are seeking individuals who share our values, thrive in a team environment, and recognize the importance of accountability. With team members located globally, you will have an excellent opportunity to influence the security culture at RSA.
- Manage a global team of security resources focused upon the internal security programs for Governance, Risk & Compliance, Security Architecture & Engineering, Incident Response, Product Security, Physical Security and Data Governance/Privacy practices for your designated business unit
- Develop the business unit’s security strategy and advise senior leadership on strategic issues based on technical expertise and knowledge of industry trends, aligned with business needs
- Accountable for continuous improvement to the maturity of security practices within the BU, as well as being a proactive partner in managing risk
- Collaborate with the RSA corporate Enterprise Risk management, Enterprise Control Assurance, Privacy, and Federal Facility Security programs to ensure the business unit security program is aligned against corporate policies, standards and overall program execution maturity objectives
- In collaboration with Engineering & IT, manage the Product Application Security (PAS) program, including responsible disclosure & product security incident response processes
- Oversee both cyber & physical security incident response activities in a fast-paced environment, while exercising composure, professionalism and teamwork during incidents.
- Develop security program KPIs, metrics, measurements to drive security program maturity
- Represent corporate and product line security practices to customers via engagement with third party risk assessments, questionnaires, audits and security schedule negotiations
- Work cross-functionally with other enterprise leaders in security, IT or business functions to meet business objectives, milestones and service levels
- Maintain full accountability for all people-management activities for subordinate staff such as the hiring, staffing and maintaining of a diverse and effective workforce, career development/planning, performance and pay discussions of team members
- Accountability for security related budget expense management, cost optimization, third party security vendor management
- Bachelor’s Degree in Information Technology, Information Security or related major; or equivalent experience in the field of cybersecurity
- 6+ years in a leadership role within a security organization, providing Governance, Risk & Compliance, Security Architecture & Engineering and/or Secure Application development management experience
- 10+ years technical Security subject matter expertise in multiple area such as Network Security, Endpoint Security, Identity & Access Management, Secure Software Development Practices, Cloud Security, Encryption
- Strong security expertise in various Cloud Service Providers such as AWS, Azure, GCP
- Strong expertise in secure software development lifecycle (SSDLC) and DevSecOps practices
- Ability to lead, influence, motivate and direct a workgroup to achieve results
- Ability to speak confidently and credibly in public forums
- Ability to engage executive level stakeholders on complex matters in a substantive manner
- Ability to confidently and effectively present complex technical topics to senior non-technical audiences
- Certifications such as CISSP, CISM, CISA, GIAC, preferred but not required.