Security Engineering Manager

Please Note: The deadline for applying is 23.59 the day before the job posting end date.

Job Title:  Security Engineering Manager

Location: Port Sunlight, UK

Work-Level: 2A

Reports to: Head of Security Engineering
 

Unilever is one of the world’s leading suppliers of Food, Home, and Personal Care products with sales in over 190 countries and reaching 3.4 billion consumers a day. Unilever has more than 400 brands found in homes around the world, including Persil, Dove, Knorr, Domestos, Hellmann’s, Wall’s, Ben & Jerry’s, Marmite, Magnum, and Lynx. Faced with the challenge of climate change and the need for human development, we want to move towards a world where everyone can live well and within the natural limits of the planet. That’s why our purpose as Unilever is ‘to make sustainable living commonplace’.

At Unilever, we’re determined to achieve a culture where everyone can thrive, a culture where all individuals are treated fairly and respectfully, and where their uniqueness is celebrated. We’re taking a holistic approach that focuses on how we can use the scale and reach of our business to have the greatest impact in our own workplace and beyond. We’ve set clear goals to eliminate any bias and discrimination in our policies and practices, accelerate diverse representation in our leadership, and remove barriers for people with disabilities. At the same time, we’re setting out to spend more with diverse businesses and increasing representation of diverse groups in our advertising. Find out more about our commitment to equity, diversity, and inclusion on our website.

Unilever’s Cyber Security organization is a multi-disciplinary team responsible for protecting the Confidentiality, Integrity and Availability of our Information and Operations. Our Cyber Security organization runs a 24x7 Security Operations Centre (SOC), has a robust cyber technology landscape, provides Risk Advisory to our business, and assesses the security of our vast technology estate, including office, factories, R&D, platforms, etc. Cyber Security is tasked with elevating, reporting on and influencing enterprise cyber security risk across Unilever.

JOB PURPOSE

The Security Engineering Manager role is tasked with delivering world class cyber security tools & services in partnership with our Business Owners (who operate these capabilities) and our suppliers. This partnership will generate value by ensuring that our key risks are appropriately managed and we are continuously developing our capabilities to meet the needs of the business.

Role Summary:

The Security Engineering Manager is responsible for deploying and managing the cyber security technology stack to ensure our key cyber risks are being appropriately managed. This requires collaboration between our Business Owners (i.e. who operate these capabilities) and our suppliers – all with the common goal of continuous improvement. This position will report to the Head of Security Engineering.

Key areas under this role includes:

Unilever is one of the world’s leading suppliers of Food, Home, and Personal Care products with sales in over 190 countries and reaching 3.4 billion consumers a day. Unilever has more than 400 brands found in homes around the world, including Persil, Dove, Knorr, Domestos, Hellmann’s, Wall’s, Ben & Jerry’s, Marmite, Magnum, and Lynx. Faced with the challenge of climate change and the need for human development, we want to move towards a world where everyone can live well and within the natural limits of the planet. That’s why our purpose as Unilever is ‘to make sustainable living commonplace’.

At Unilever, we’re determined to achieve a culture where everyone can thrive, a culture where all individuals are treated fairly and respectfully, and where their uniqueness is celebrated. We’re taking a holistic approach that focuses on how we can use the scale and reach of our business to have the greatest impact in our own workplace and beyond. We’ve set clear goals to eliminate any bias and discrimination in our policies and practices, accelerate diverse representation in our leadership, and remove barriers for people with disabilities. At the same time, we’re setting out to spend more with diverse businesses and increasing representation of diverse groups in our advertising. Find out more about our commitment to equity, diversity, and inclusion on our website.

Unilever’s Cyber Security organization is a multi-disciplinary team responsible for protecting the Confidentiality, Integrity and Availability of our Information and Operations. Our Cyber Security organization runs a 24x7 Security Operations Centre (SOC), has a robust cyber technology landscape, provides Risk Advisory to our business, and assesses the security of our vast technology estate, including office, factories, R&D, platforms, etc. Cyber Security is tasked with elevating, reporting on and influencing enterprise cyber security risk across Unilever.

Role Purpose:

The Security Engineering Manager role is tasked with delivering world class cyber security tools & services in partnership with our Business Owners (who operate these capabilities) and our suppliers. This partnership will generate value by ensuring that our key risks are appropriately managed and we are continuously developing our capabilities to meet the needs of the business.

Role Summary:

The Security Engineering Manager is responsible for deploying and managing the cyber security technology stack to ensure our key cyber risks are being appropriately managed. This requires collaboration between our Business Owners (i.e. who operate these capabilities) and our suppliers – all with the common goal of continuous improvement. This position will report to the Head of Security Engineering.

Key areas under this role includes:

• Managing our Cyber Security capabilities (in partnership with the relevant Business Owner) including SIEM, SOAR, CSPM, NDR, EDR / XDR, IDP, DAM, NAC, WAF, TVM, Email Security, Threat Intelligence Platforms, Security Validation Platforms, Penetration testing platforms, etc.
• Defining (in partnership with the relevant Business Owner) the requirements for our capability and identifying any gaps that require addressing.
• Partnering our Security Architecture colleagues in defining the capability roadmap.
• Supporting any Proof-of-Concept (POC) projects by providing expertise / advice, supporting the testing, and assisting in collating the results (including the creation of the business case where required).
• Being accountable for the deployment of our capability and ensure its adoption in all areas of the business including IT infrastructure, Hybrid Cloud, IT applications, OT, and IoT.
• Accountable for Service Management of our cyber security capabilities through our defined framework (e.g. ITIL).
• Collaborating with our Business Owners (e.g. SOC, Threat Intelligence, etc) and our suppliers to identify areas of improvement, optimisation, or opportunity - driving continuous improvement through our demand funnel.
• Accountable for raising incidents and issues with our suppliers and ensuring a quick resolution.
• Becoming a trusted advisor within the organisation that identifies areas of risk and provides technology-based solutions.

Main Accountabilities

• Accountable for the line management of your team and empowering them to self-govern where necessary.
• Being the Service Owner for all your assigned cyber capabilities and being accountable for the Service Governance of these capabilities (including those managed by your team).
• Accountable for overseeing the demand funnel and ensuring a continuous stream of improvement through each sprint cycle.
• Accountable for the deployment of our cyber capabilities against the architectural design (even if responsibility is delegate to project teams or suppliers) and adoption with our business owners.
• Accountable for compliance against Unilever policies, guidelines and standards especially those associated with platform / service ownership (cyber, CMDB, ITIL, etc).
• Partnering with our Business Owners (e.g. SOC, Threat Intelligence, Engagement, etc.) and our suppliers to ensure we drive value from every technology investment to reduce our Cyber Risk.
• Holding our technology suppliers and strategy partners (e.g. our Managed Security Services Provider or MSSP) to account.
• Responsible for supporting Security Architecture in developing their cyber technology roadmap.
• Responsible for supporting in Proof-of-Concept implementation, testing, analysis, and reporting.
• Self-skilling yourself to an appropriate technical level to perform your role and be continuous informed of evolving risks, technology trends, etc.

Qualifications, Skills, and Experience

Qualification and Skills:

• A strong technical background in IT, IoT and OT.
• Excellent written and verbal communication skills including the ability to be understood by both technical and non-technical personnel.
• Stakeholder management and interpersonal skills at both a technical and non-technical level.
• Ability to manage conflicting priorities and multiple tasks.
• Ability to lead and deliver through others.
• Ability to work both independently and in collaboration with international teams.
• Outstanding analytical, critical thinking and problem-solving skills.
• Customer-orientated, whether responding to queries or delivering new services.
• Skills in Programme and Project Management.
• Understanding of security principles, frameworks, and technologies
• Knowledge in public cloud environments, network and system security concepts.
• Knowledge of current cybersecurity trends, threats, and best practices.
• Relevant certifications such as CISSP, CISM, or SANS GIAC are highly desirable.
• Basic experience with programming languages such as Python, Bash, PowerShell, etc is desirable.
• Familiarity with various security frameworks and standards (e.g., ISO 27001, NIST, MITRE, CIS).

Experience:

• Previous experience in deploying Service Management models (e.g. ITIL, COBIT, CMMI, etc).  
• Previously held a role in Security Engineering, or IT Platforms.
• Experience with managing cloud, on-premise, OT, and / or IoT environments
• A working knowledge of Cyber Security capabilities including SIEM, SOAR, CSPM, NDR, EDR / XDR, IDP, DAM, NAC, WAF, TVM, Email Security, Threat Intelligence Platforms, Security Validation Platforms, Penetration testing platforms, etc.
• Experience with security governance, risk, and compliance standards and requirements.
• Experience in developing, deploying, and maintaining security solutions.
• Extensive experience in providing thought leadership, and driving a complex change agenda, and an ability to challenge the “status quo”.
• Excellent strategic and operational business awareness, with a deep understanding of the key drivers, levers, issues, and constraints of digital businesses.

Behaviours

Candidates would be required to demonstrate the Unilever Standards of Leadership & live the Values through showing the following behaviours:

• Agility – Flexes leadership style and plans to meet changing situations with urgency. Learns from the past, envisions the future, has a healthy dissatisfaction with the status quo.
• Personal Mastery – Actively builds wellbeing and resilience in themselves and their team. Has emotional intelligence to take feedback, manage mood and motivations, and build empathy for others. Sets high standards for themselves and always brings their best self.
• Passion for High Performance – Inspires the energy needed to win, generating intensity and focus to motivate people to deliver results at speed.
• Talent Catalyst – Develops and magnifies the power of people. Creates an inclusive climate, empowering everyone to be at their best. Investing in people, coaching individuals, and teams to realise their full potential. Continually inspires powerful collaboration.

NOTES

Please apply via this portal as e-mail applications may not be processed and include your Future Fit Plan if possible.

By applying for this vacancy, you are confirming that you have made your Line Manager aware of your application and that you are at a point in your career with Unilever where it is appropriate for you to be applying for other positions.   

Should you require additional information or reasonable adjustments to allow you to present your best self during this process, please contact your Talent Partner Anisha Kanani on Anisha.Kanani@unilever.com  

What we offer

Whilst the role is advertised on a full-time basis, we would be happy to discuss possible flexible working options and what this may look like for you. We strive to achieve a family-friendly and inclusive workplace and to, above all, create possibilities for all. 

Diversity at Unilever is about inclusion, embracing differences, creating possibilities and growing together for better business performance. We embrace diversity in our workforce. This means giving full and fair consideration to all applicants and continuing development of all employees regardless of age, disability, gender reassignment, race, religion or belief, sex, sexual orientation, marriage and civil partnership, and pregnancy and maternity. We are also more than happy to provide reasonable adjustments during our application and interview process to enable you to be present your best self. To find out more, including about our Employee Resource Groups, please click here Equity, Diversity & Inclusion (unilever.com).

Relocation to the UK 

Please be aware if you are applying for this role from outside the UK, if successful, your application will be treated as a self-initiated Change Location Outside of Country (CLOC) transfer. This means any relocation costs must be self-funded with the potential to reclaim some specific pre-approved expenses up to £5,000. Please speak to your Talent Partner if you have any questions.