Information Security Advisor
Trustwave is a leading cybersecurity and managed security services provider focused on threat detection and response. We uncover threats that others can’t and respond quicker than others can to protect against the devastating impacts of cyberattacks. We’re a world-class team of cyber consultants, threat hunters and researchers serving clients in 96 countries. At Trustwave, you can learn alongside the best, make a personal impact on a global scale, and solve new challenges every day. Learn more about us at https://www.trustwave.com.
The Information Security Advisor function provides a single point of contact for all security-related activities for customers and takes a key leadership role by providing guidance in the development and implementation of security policies, processes and deliverables. The role extends further by providing trusted advisory security expertise to the customer in making and recommending key decisions in the area of security, which may include security architectural work, operational support, and other duties in support of the customer. As it pertains to consultancy, management and focus varies greatly from account to account as there are variable customer and contractual requirements. The Information Security Advisor function possesses a combination of skills including: communication skills and stakeholder management, general security expertise and project management skills. While this role is not necessarily hands on technology, a history of a wide variety of security controls will be valuable to support the consultancy skills required.
- Provide a single point of contact to the customer, be a member of the account management and delivery teams for all operational security related activities for the customer account. Maintain and oversee relationships for all delivery organizations providing security support.
- Manages the implementation of the Security Agreement. Proactively drives the operational compliance on the account. Provide in-house consultancy on information risk management matters and advise on the implementation of security controls on the Account.
- Oversee the implementation and management of operational security activities, processes and policies as required (e.g. Security Incident Management Process).
- Track and assist in the management of the resolution of reported operational security issues. Recommend actions, reviewing plans and monitoring progress of remedial actions. Manage to resolution security risks identified as a result of reviews and audits, changes in Trustwave or customer environment, changes in operating practices or processes, changes in technology etc.
- On a regular basis (recommended at least monthly), meet with the account team to review security status, review any risks, issues, incidents, outstanding activities, current and planned changes.
- Present at least monthly customized reports to customers to fulfill their governance needs.
- Provide informal security assessments for Trustwave delivered processes or architectures to ensure that contractual requirements for information risk management and security controls are satisfied. Regularly review the delivery environment of the account to identify security risks to Trustwave or the customer.
- Participate in change control (review and/or approval) activities for changes that may impact the customer's security posture
- Serve as a dedicated focal point for managing security incidents that occur in the customer's environment.
- Provide security-related education to ensure security awareness and knowledge of customer applicable security policies and processes. Answers questions and concerns regarding customer applicable security policies and processes.
- Ensure that opportunities to improve security are identified. Research new security technologies and practices and recommend additional security services as required.
- Offer executive-level presentations for the account or client management and proactively keep Trustwave senior leadership abreast of all account concerns.
Skills and Knowledge Requirements:
Must have advanced skills/knowledge in several of the following areas:
- SIEM Technologies.
- Risk Management.
- Cyber Incident Management.
- Process and Policy Review
- Strong Consultancy Skills.
- Data Analytics – understanding events in sequence for cyber incident management.
- Leadership and Service Management.
- Historical experience of security technologies, providing a solid foundation for discussion at a consultancy level.
- Strong communication skills
- Excellent customer service skills
- Excellent analytical thinking and problem-solving skills
- Self-managed/directed and team oriented
- Strong project management skills
- Deadline and detail oriented
- Highly self-motivated
- At least 10-years of experience in Information Security.
- At least 5 Years consultancy experience.
- Certification may include (CISSP, CISM, ISO27000)
- Must be able to speak Japanese fluently.
- Must be able to speak English.
- A high school diploma or equivalent is required; a college or university degree is a plus.
Why join us?
Trustwave is an Equal Opportunity Employer committed to providing a working environment that embraces and values diversity and inclusion. When you join Trustwave, you join a unique global family with more than 20 years of history focused on helping you shape and grow your career. We have an entrepreneurial spirit and industry vision that has helped assure our products and services are always on the very forefront of technological development. When you ride the wave, you’ll work with a group of people who share common goals, are driven by a similar passion, and value the expertise of their peers. Interested in joining our team? Apply online now. Want to know what’s it’s really like to work for us? Check out this link on The Muse: https://www.themuse.com/profiles/trustwave?ref=innovative-companies-0
To All Agencies: Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave’s policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.