Description

The Security Capability Maturity Lead drives strategic contemporary security capability transformation across the security organization leveraging a cross functional team of security professionals and in partnership with key IT and business partners. This includes implementation of new and transformational security capabilities across key focus areas by establishing the transformation of people and processes, understanding cost implication of contemporary capability transformation, and implementing capabilities to secure and manage risk. The Security Capability Maturity Lead will build strategic partnerships and manage relationships between EIP and the appropriate IT and business teams to ensure alignment to overarching IT and business vision and strategy.

Responsibilities

Responsibilities:

• Implement people, process, and technology changes to deliver contemporary security capabilities to achieve the Board goals
• Enable security to remain contemporary by continuously reviewing and updating security capabilities and identifying emerging technology trends and needs
• Drive thought leadership in contemporary security capability transformation, and change management practices
• Establish a contemporary security capability competency center with dedicated and matrixed resources to support all impacted delivery and operational areas during the contemporary security capability transformation
• Work closely with EIP, IT, and business teams to identify and implement capabilities needed to remain contemporary in security
• Drive contemporary capability transformation of operational security processes, organization, talent/skillsets, and capabilities to align with remaining contemporary focus areas and overarching IT and business strategy; understand impacts of long term capability transformation (e.g., operational budget and resource impacts)
• Build and maintain relationships with key EIP, IT, and business leadership to understand the overarching IT strategy and align security strategy and implementation
• Ensure applicable security investment roadmaps stay relevant and accurately reflect the investment plan and timing for contemporary security transformation
• Own end to end accountability for the ongoing quality control development and delivery of security capabilities and services for each focus area. Accountable for program execution and delivery in line with initiative objectives, benefits, and success criteria. Develops, shares, and leverages best practices across security and IT
• Work with the security and IT to define, prioritize, and manage projects that align with the overarching IT and business strategy
• Lead cross functional teams to gather business requirements and clarify scope during initial discovery by conducting meetings/interviews, and facilitating large group/cross-functional sessions with partners
• Effectively influence key stakeholders, team members, and peers outside of direct control of this role, to deliver optimal solutions in line with the best interests and expectations of contemporary security capability transformation
• Conduct executive level briefings presentations and solution recommendations
• Develop metrics and reporting that align with IT strategy and maturity goals

Role Essentials

• A Bachelor's degree in Information Technology or related field or 8 years equivalent experience
• Demonstrated experience tracking and implementing strategic and transformational initiatives and programs
• Experience leading cross functional teams, projects, programs, and directing allocation of resources
• Broad security industry, technology, and security knowledge including understanding of operations, technology, communications and processes
• Strong leadership skills and track record of execution and delivery in strategic, high visibility areas
• Digital leadership skills – capable of empowering and leading an IT team to meet business and IT security goals.
• Business relationship management skills
• Passion (obsession) for customer/user/member experience
• Change leadership – demonstrated success promoting change by helping others to change and remove barriers
• Flexible and adaptable dealing with ambiguous situations
• Negotiation skills - both with internal key stakeholders and external regulators and vendors
• Consulting skills – able to assimilate business knowledge and knowledge of internal customer’s unique needs/situation. Provide options and tools to make informed decisions.
• Analytical skills to evaluate information gathered from multiple sources, reconcile conflicts, distinguish presented user requests from the underlying true needs, and distinguish solution ideas from requirements.
• Observational skills to validate data obtained via other techniques and expose new areas for elicitation.
• Influencing Skills – ability to influence others at multiple organizational levels, to lead and work in a team environment; ability to lead collaborative efforts with user, development, business and support groups
• Facilitation skills to lead requirements elicitation workshops
• An understanding of contemporary requirements elicitation, analysis, specification, verification, and management practices and the ability to apply them in practice, prefer experience with several Software Development Life Cycles in a team environment.
• Challenger skillset to teach, tailor and take control of opportunity definition & initiation with business partners
• Strategic communicator – able to simplify the complex with proven experience presenting to top level executives.
• Financial analysis & ROI modeling skills

Desired Qualifications

• Industry security certification (e.g., CISSP)
• Industry project management certification (e.g., PMP)
• Industry cloud certification (e.g., AWS Cloud Practitioner)
• Knowledge or experience leading security maturity efforts (e.g., leveraging CMMI)
• Prior experience implementing security transformation programs (or other trending technologies)