Vacancy caducado!
Company SummaryJoin a team that puts its People First! Since 1889, First American (NYSE: FAF) has held an unwavering belief in its people. They are passionate about what they do, and we are equally passionate about fostering an environment where all feel welcome, supported, and empowered to be innovative and reach their full potential. Our inclusive, people-first culture has earned our company numerous accolades, including being named to the Fortune 100 Best Companies to Work For list for six consecutive years. We have also earned awards as a best place to work for women, diversity and LGBTQ+ employees, and have been included on more than 50 regional best places to work lists. First American will always strive to be a great place to work, for all. For more information, please visit www.careers.firstam.com.Job SummaryBusiness Information Security Principal SummaryThe Business Information Security Principal will be a focal point for effective engagement between Information Security Office and business areas.This role will be a trusted adviser to senior business and technology stakeholders and provide broad knowledge of Information Security strategies, policies, processes, architecture and road maps to enable divisions/business to understand and meet Information Security requirements.The Business Information Security Principal role will report to the VP of Risk and Governance with a dotted line reporting to the Divisional IT leadership and would work closely with the business, would operate within the Company's information security risk appetite.This individual will be an essential business partner and will take responsibility for managing information security risk for the business and will be required to support business units with the design and implementation of central security strategies.The role will focus on ensuring that Information Security is considered in respect of all elements of Business. Essential Functions
- Build and maintain effective relationship with a division's Business and Technology stakeholders. Be the voice of Information Security in the division/business area and the voice of the business within Information Security.
- Own and communicate the divisional roadmap for compliance to Information security requirements. Align Information Security responsibilities and working practices of divisions and InfoSec. Identify and resolve risks and issues.
- Facilitate planning, introduction, delivery of Information Security services and initiatives to support compliance activities, security audits; security capability / maturity improvement; delivery of point services such as vulnerability assessments, project risk assessments, vendor assessments; delivering targeted security and risk briefing
- Responsible for demand management for security and collaboration across the Information Security team to balance supply and demand of security and divisional resources
- Contribution to development and implementation of security architecture, and the design of Information Security service and processes
- Demonstrate to stakeholders that appropriate controls are in place and own/create actions plans to manage improvement or change where necessary
- Advise stakeholders on how to achieve the relevant controls and assist with solutions to support them
- Where necessary, ensure that processes are documented and communicated in language that is relevant and understandable to international and /or non-technical audiences
- Ensure that all proposed technical solutions include requirements and maintain the integrity of the infrastructure
- Look for opportunities to inform, engage or train others to make the best use of Problem and Change management for Security
- Support and deliver security initiatives as needed and be in a position to demonstrate and track progress to stakeholders
- Required to perform duties outside of normal work hours based on business needsComplexity & ImpactTroubleshoot and guide others on a wide variety of complex problems and identify solutions within broad application and functional expertiseWork to define, drive and implement broad based conceptual issuesParticipate with and heavily influences management for defining requirements and setting organizational objectivesNegotiate, persuade, and gain consensus from senior management, cross functional teams, business communities, and external customers impacted by process implementationSupervision /Level of InstructionMay or may not supervise othersRegularly lead cross functional teams to implement multiple processes within a broad business functionAssign work to cross functional team members and monitors multiple project status and completionActively identify issues, seek out solutions and makes recommendations to the broad business community to apply customized solutions to solve business problemsKnowledge and Skills/Technology UsedAn ability to interact with Information Security colleagues, build good relationships at all levels and across all business units and organizations, and the ability to influence stakeholders of all levelsExcellent verbal, written and interpersonal communication skills. Listens and communicates technical subjects to both technical and nontechnical audiences, flexes style to suit the needs of the audienceAbility to work with others effectively, with 3rd parties, internal teams, and international business units, promoting knowledge sharing within and across teamsHighly self-motivated and directed, with particular attention to detailA good understanding of Security frameworks including ISO27001/NISTTypical EducationGenerally requires a BS Degree or equivalent work experienceLicenses or CertificationsRelevant industry certification such as CISSP, CISM, CRISC or similarTypical Range of Experience5+ years in a similar role in a large international organizationTypically have 8+ years of directly related experience #dice#LI-MD1