Regional Security and Regulatory Compliance Manager

Why this job matters

We’ve always been an organisation with purpose; to use the power of communications to make a better world. You can trace this back to our beginning as pioneers of the world’s first telecommunications company. At our heart we’re a technology company with research and innovation in our bones and a desire to be personal, simple, and brilliant for our customers - those are the values we live by whilst also creating an inclusive working environment where people from all backgrounds can succeed.
In order to protect itself and its customers Protect BT team is responsible for  identify emerging threats to the business and our customers and responding to them , this includes addressing the risks arising out of any non-compliance to regulatory requirements.   
The person holding the role would need to work with the various internal and stakeholders stakeholders including from business operations, security , regulatory, IT, HR , legal teams and other regional peers, the key purpose of your role is to protect BT’s interest, assets and people  by developing a comprehensive understanding of organization’s security needs , Security standards and apply them towards the management of regional risks, compliance and for upliftment of Security posute. 
 

What you’ll be doing

s a Security Risk and Regulatory Compliance manager
You’ll be:
•    Ensuring the operational enforcement of and compliance to,  various security standards related to IT Security, Physical Security, Personnel Security, Cyber , Privacy , Data Protection , Network Security and Regulatory security.
•    Having an experience in enterprise riks management , threats modeling , vulnerabilities assessment 
•    Having an understanding of operations and  extensive experience of performing security assessments  across suppliers, vendors, internal shared  functions like HR/IT/Procurement etc.,
•    Having domain know and experience of performing security assessment and recommend corrective measures for  Data, Cyber, Physical security, customer security and industry standards such as ISO 27001, SOC2 , PCI, NIST, CIS-18 etc.
•    Possessing technological understanding of controls for Data protection, Data privacy priciples and Industry security standards, cryptography, network/application security, web security, etc.
•    Understanding of network perimeter security, Cyber Security operations, SIEM tools and solutions, SOC design and operations , Incident management  
•    Ability to perform Physical security design reviews (Perimeter security, CCTV, Access control etc.) and  recommend/test controls 
•    Managing the day to day site security governance and operations by enforcing BT’s Security standards and policies across business operations, suppliers, shared functions like IT, HR, Facilities management etc.
•    Working  with other groups in Information Security and other  functions in organization for ensuring seamless alignment of Security with business operations / transformation processes 
•    Able to clearly articulate and communicate verbally and in writing the security risks in various domains and work with senior management to mitigate the same
•    Managing emergency response plans to deal with cyber security incidents and reporting threats to relevant bodies.
•    Managing Information Security awareness program.
•    Maintains security and operational efficiency metrics through comprehensive reporting, including ad-hoc requests, historical/trend reporting, and tracking against established baseline 
•    Manages where needed Security Team Members to ensure high performing and well motivated people delivering a specific function or service.
•    Able to undertake travels to perform the physical, environmental and cyber security assessments and incident responses
•    Managing your stakeholders , timely reporting and collaboration

The skills you’ll need

Compliance Monitoring and Controls TestingInformation Security StrategyStakeholder ManagementSecurity AssessmentSolution DesignData AnalysisVulnerability ManagementInformation SecurityAgile MethodologiesDevSecOpsCustomer Relationship ManagementCyber ResilienceRequirements ManagementSecurity Evaluation and Functionality TestingDecision MakingGrowth MindsetInclusive LeadershipIncident Management

Our leadership standards

Looking in:
Leading inclusively and Safely
I inspire and build trust through self-awareness, honesty and integrity.
Owning outcomes
I take the right decisions that benefit the broader organisation.

Looking out:
Delivering for the customer
I execute brilliantly on clear priorities that add value to our customers and the wider business.
Commercially savvy
I demonstrate strong commercial focus, bringing an external perspective to decision-making.

Looking to the future:
Growth mindset
I experiment and identify opportunities for growth for both myself and the organisation.
Building for the future
I build diverse future-ready teams where all individuals can be at their best.