Save time and effort sourcing top tech talent
Sign up for the chance to get matched to this role, and similar opportunities.
|
Job Purpose:
The Information Security Manager – SCC (Supply Chain Centre) has responsibility for maintaining, monitoring and ensuring continual, measurable improvement of our Information Security Posture and Cyber Risk Profile within our Supply Chain Centre operations across the estate. They will ensure risks are understood and mitigated within business risk appetite. Our supply chain centres are responsible for dough production as well as 1000’s of partners and the logistics of ensuring all 1300+ of our stores across UK and Ireland are fully stocked.
|
|
Key Responsibilities/Job Tasks:
· Ensure that the department understands threats and risk appropriate to its operations · Maintain a complete understanding of the SCC IT and OT (Operational Technology) systems and networks · Lead representation of Information Security within the SCC, liaising daily with key stakeholders of all levels of seniority and technical capability · Embed themselves into the SCC team to ensure alignment of InfoSec strategy to the business strategy · Own the security improvement plan for the SCC and ensure it is delivered effectively · Provide Information Security and Risk Management expertise to all key stakeholders, including driving improvements to our education and awareness programme · Promote at all times a culture of security and awareness · Proactively identify threats to our business, working closely with the SCC, to agree and implement appropriate risk mitigation measures · Lead the development, communication and implementation of Security Policies and Standards specific to the environment, as well as being a key input into continual improvement of the core Group Policies and Standards · Manage external consultancies and vendors, supporting SCC security · Day to day management and development of the SCC InfoSec team · To be a point of contact for all SCC InfoSec Major Incidents · To develop and maintain the OT Cyber incident response plan and ensure alignment to the IT Cyber incident response plan
|
The following sections consist mainly of a series of questions related to specific skills/job requirements. You should focus on the role rather than the individual when considering the most appropriate answer and should base the response on what you consider to be the normal features of the job which are typical of the job and its usual working conditions over the year.
|
SKILLS & JOB REQUIREMENTS (Please complete where applicable) |
|
Strategic Responsibility Acting as Subject Matter Expert of cyber security within our supply chain IoT and Operational Technology environments: to input into the strategic direction of the Information Security team and the continual improvement processes we strive to implement, as well as the resulting Security Improvement Plan, we aim to deliver. This is done through GAP Analysis work which is key to identifying weaknesses and opportunities to improve, as well as the assessment of new technology stacks such as AI and opportunities for DPG to benefit from them
|
|
Problem solving Ability to assess and solve complex problems (e.g. managing the identification and containment of a quickly- evolving cyber threat when limited information is known), analysing multiple sources of information to determine the best course of action whilst being in high pressure situations. This skill is particularly critical during a cyber security incident, where time is of the essence and a clear head is needed.
|
|
Decision making Cyber security risk, within the SCC’s, may have a wider business impact. A level of business-critical decision making is necessary, as an incorrect decision could result in significant business disruption and financial loss to DPG. This skill aligns to the problem-solving qualities and results in sound and decisive actions being taken.
|
|
Communication Strong communication skills are required for this role to articulate both the technical and non-technical aspect of the role. Close working relationships must be forged with multiple stakeholders, from both operational and technical functions within Domino’s. As the SME (Subject Matter Expert) for OT Security, the Information Security Manager – Supply Chain will be able to lead on incidents in a calm and measured way, and communicate effectively with key stakeholders at all levels.
|
|
Innovation Where there are opportunities to innovate then the role will. Although this role is aligned to helping keep Domino’s safe from cyber-attack, there will be opportunities to help improve processes and implement new ones. One such example is the use of new and evolving technologies, such as Artificial Intelligence, both to support the business use of such technologies in a secure way, but also to harness the technologies to enhance our security capabilities in innovative ways. Closely working with other IT teams, such as Infrastructure, to deploy new technologies that have a wider business impact.
|
Please summarise the levels of minimum education, knowledge, skills and experience this position requires (e.g., if you would be recruiting to fill this position, what aspects of background or knowledge would you expect a successful job applicant to have?)
Note: This may differ from the current job holder’s own skills and experience
|
JOB SPECIFICATION |
|
|
1. Professional Qualification(s) |
Relevant Industry Qualifications such as CISM or CISSP Knowledge of GRID, GICSP would be an advantage
|
|
2. Knowledge |
Knowledgeable in both IT and Operational Technology (Manufacturing) environments Technical knowledge of OT networks 1+ years of experience of implementing security within an OT environment 5+ years of experience in Senior Information Security/Risk Management roles Experience developing and leading programs of security improvement initiatives Experience with industry best practice frameworks e.g. ISA/IEC 62443, NIST, CIS Has gravitas and is widely trusted by both business and IT stakeholders, maintains excellent relationships |
|
3. Skills/Ability |
Leadership and Team Management Strong Communication and Interpersonal skills Ability to manage multiple workloads Highly capable of taking responsibility and ownership for individual and team objectives Strategic Thinking and Planning Problem-Solving and Analytical Thinking Decision-Making Under Pressure Stakeholder Management and Engagement Championing continuous improvement Structured, strong analytical thinking Calm when working with ambiguities and unknowns |
Sign up for the chance to get matched to this role, and similar opportunities.