Employer: GSMA
Location: London/Homeworker
Job description
The Technology Division is responsible for providing technical leadership for all GSMA Programmes and Working Groups. The team is both represented and engaged globally and centred in the GSMA’s London office. It is a group of approximately 40 full-time staff who work extensively with senior management and a wide range of experts from across the global mobile sector, both operators and eco-system partners.
The Role
Within the mobile industry, security, privacy and consumer trust are essential components to support the expansion of commercial and identity related services to consumers. Our Security Operations Manager will be responsible for shaping GSMA’s operational support for industry security activities and for responding to security events and developments within and without the mobile industry. The role will include supporting internal programmes and security groups and also influencing operators and other eco-system partners to shape their approach.
Reporting to the Head of Security, the Security Operations Manager will:
Bring GSMA’s diverse risk management activities under operational management control to ensure optimal support for members and the wider industry;
Review existing security operations, to include algorithm administration, supplier auditing, weakness reporting, etc., with a view to identifying areas for improvement;
Manage operational capabilities to support GSMA’s security policies and strategies commensurate with industry best practice;
Implement a responsible disclosure policy and associated processes to support the coordinated reporting of security vulnerabilities and act as focal point for security incident reports;
Define and manage response and handling policies and operational capabilities to effectively remediate and respond to reported security incidents and vulnerabilities;
Lead the design and operation of compliance monitoring and improvement activities to measure acceptance of GSMA security policies and guidelines;
Report and keep senior management updated on agreed key performance metrics to ensure effectiveness of GSMA initiatives is evidenced;
Manage relationships with security vendors and external service providers to ensure they fulfil requirements necessary to perform duties contracted by GSMA;
Promote operational capabilities, internally and externally, and regularly communicate these to ensure widest possible awareness and support for GSMA’s security offerings;
Collaborate across the GSMA membership and provide subject matter expert input and contributions where necessary;
Identify and contribute to security initiatives in relevant external organisations and standards bodies;
Build and maintain strong relationships with relevant stakeholders such as GSMA members, Working Groups and Programme Teams, business partners and service suppliers;
Maintain process and procedural documentation pertaining to GSMA’s security operations to ensure transparency and to facilitate compliance;
Identify, prioritise and manage multiple operational activities and projects through to their timely completion as required;
Some global travel will be required
Desired Skills and Experience
Criteria for Selection
The candidate must possess the following attributes:
Demonstrable understanding of security principles, information security management systems, risk management and vulnerability treatment and response.
Familiarity with relevant laws and international best practices governing information security and information sharing.
Possess strong negotiation and people management skills to manage suppliers, influence individuals and get delivery on set targets from key stakeholders.
Experience in leading multiple projects from inception to completion with the ability to make decisions where ambiguity exists.
Ability to demonstrate sound judgment in the prioritisation of competing work assignments, escalation of issues and analytical problem solving.
Effective organisation skills with key attention to detail and delivery of high quality documentation with the ability to implement change in a complex and challenging environment.
Effective use of others to fill gaps in either experience or knowledge.
Strong sense of business ethics and principles.
5+ years of industrial experience including delivery of security operations and support services, particularly in relation to security auditing and report and incident handling.
Technical background, ideally with a strong technology degree. Professional security certifications would be advantageous.
Excellent English language skills, both verbal and written with the ability to communicate technical matters to a non-technical audience.
Job description
The Technology Division is responsible for providing technical leadership for all GSMA Programmes and Working Groups. The team is both represented and engaged globally and centred in the GSMA’s London office. It is a group of approximately 40 full-time staff who work extensively with senior management and a wide range of experts from across the global mobile sector, both operators and eco-system partners.
The Role
Within the mobile industry, security, privacy and consumer trust are essential components to support the expansion of commercial and identity related services to consumers. Our Security Operations Manager will be responsible for shaping GSMA’s operational support for industry security activities and for responding to security events and developments within and without the mobile industry. The role will include supporting internal programmes and security groups and also influencing operators and other eco-system partners to shape their approach.
Reporting to the Head of Security, the Security Operations Manager will:
Bring GSMA’s diverse risk management activities under operational management control to ensure optimal support for members and the wider industry;
Review existing security operations, to include algorithm administration, supplier auditing, weakness reporting, etc., with a view to identifying areas for improvement;
Manage operational capabilities to support GSMA’s security policies and strategies commensurate with industry best practice;
Implement a responsible disclosure policy and associated processes to support the coordinated reporting of security vulnerabilities and act as focal point for security incident reports;
Define and manage response and handling policies and operational capabilities to effectively remediate and respond to reported security incidents and vulnerabilities;
Lead the design and operation of compliance monitoring and improvement activities to measure acceptance of GSMA security policies and guidelines;
Report and keep senior management updated on agreed key performance metrics to ensure effectiveness of GSMA initiatives is evidenced;
Manage relationships with security vendors and external service providers to ensure they fulfil requirements necessary to perform duties contracted by GSMA;
Promote operational capabilities, internally and externally, and regularly communicate these to ensure widest possible awareness and support for GSMA’s security offerings;
Collaborate across the GSMA membership and provide subject matter expert input and contributions where necessary;
Identify and contribute to security initiatives in relevant external organisations and standards bodies;
Build and maintain strong relationships with relevant stakeholders such as GSMA members, Working Groups and Programme Teams, business partners and service suppliers;
Maintain process and procedural documentation pertaining to GSMA’s security operations to ensure transparency and to facilitate compliance;
Identify, prioritise and manage multiple operational activities and projects through to their timely completion as required;
Some global travel will be required
Desired Skills and Experience
Criteria for Selection
The candidate must possess the following attributes:
Demonstrable understanding of security principles, information security management systems, risk management and vulnerability treatment and response.
Familiarity with relevant laws and international best practices governing information security and information sharing.
Possess strong negotiation and people management skills to manage suppliers, influence individuals and get delivery on set targets from key stakeholders.
Experience in leading multiple projects from inception to completion with the ability to make decisions where ambiguity exists.
Ability to demonstrate sound judgment in the prioritisation of competing work assignments, escalation of issues and analytical problem solving.
Effective organisation skills with key attention to detail and delivery of high quality documentation with the ability to implement change in a complex and challenging environment.
Effective use of others to fill gaps in either experience or knowledge.
Strong sense of business ethics and principles.
5+ years of industrial experience including delivery of security operations and support services, particularly in relation to security auditing and report and incident handling.
Technical background, ideally with a strong technology degree. Professional security certifications would be advantageous.
Excellent English language skills, both verbal and written with the ability to communicate technical matters to a non-technical audience.