Service Domain Lead – Security and Continuity Services at Aspen Pharma Group

ROLE PURPOSE:

The Service Domain Lead – Security and continuity Services is a strategic, tactical and operational role in the IT organisation and will be accountable for the delivery of security and continuity services across Aspen and ensuring that Aspens security remains in the acceptable risk appetite of the business. The role will be accountable for service quality, addressing any service failures that may occur. Service Domain Lead – Security and continuity Services remains responsible for Aspen’s security and continuity service architecture development, maintenance and improvement through strategic transformation.

SPECIFIC OUTCOMES / CORE TASKS, RESPONSIBILITIES & AUTHORITY:

Service Domain Lead – Security and Continuity Services will

• Define, negotiate and approve security and continuity services to agreed Service Level Agreements that meet business needs
• Negotiate and approve with both the business and Vendor any Service Level Requirements for new security and continuity services and support the development through the lifecycle of the service
• Support the development of customer demand plans for new and current security and continuity services
• Develop and maintain the security and continuity architectures to support the business requirements
• Develop security and continuity strategies and solutions to meet business requirements
• Document/specify the security and continuity services needed, including business justification, following corporate guidelines and format
• Ensure the effective implementation of technology standards in the Security and Continuity Services environment
• Identify and contract various component parts necessary to deliver the security and continuity services through Operating Level Agreements
• Negotiate and approve the Operational Level Agreements with Vendors
• Ensure that changes to security and continuity services are reviewed & approved by business end users, implemented, communicated to vendors and are built into contracts as required
• Be responsible for the overall coordination, direction and evaluation of security and continuity operations within the group. Ensures the performance of security through the monitoring of traffic, performance, and configurations.
• Oversees the effective resolution of security incidents and breaches and major security incidents
• Ensure that continuity and technical recovery plans for in scope services are tested periodically
• Manage the day to day operations of the Group IT patching process
• Develop, improve and update runbooks, procedures, diagrams, and standard operating procedures for security operations
• Work with IT Operations Teams to align and enhance key security processes including security monitoring, vulnerability assessment, and incident identification and response
• Perform and document security reviews of Aspen technology technologies against best practice benchmarks and CIS framework standards. Document exceptions and create remediation plans
• Support and promote the use of secure configuration for network devices and boundary defences
• Drive continuous service improvement(s) to maximise the effectiveness and quality of services
• Accountable for ensuring all of Aspen’s Group IT service continuity plans are compiled and tested.

EDUCATIONAL QUALIFICATIONS & EXPERIENCE:

• Matric / Grade 12
• B.Com / BSc Computer Science degree or equivalent work experience
• Current industry certification in architecture (i.e., TOGAF, Zachman, etc.)
• Current industry certification in security risk and compliance management, governance and compliance models and industry bodies (i.e. ISC², CISSP, CISA, CISM, ISACA, CCNP-S, etc.)
• Current industry certification in architecture and major OEM’s (i.e. Qualys, EMC, Commvault, Veeam, Microsoft, Vmware etc.)
• 5 years’ experience in security planning and management
• 5 years’ experience in Microsoft based environment
• Experience and sound knowledge in security and products at all layers of security
• 5 years’ experience and proven track record in service management (ITIL Expert)
• 5-10 years’ experience managing and planning security services in a large complex/matrix global organisation
• 5-10 years’ experience managing and planning continuity services in a large complex/matrix global organisation
• Experience and sound knowledge of service continuity methodologies and continuity products
• Experience and sound knowledge of IT risk management methodologies
• Experience in disaster recovery planning of data centre services and related infrastructures
• 5-10 years’ experience leading security service management teams, internal and 3rd parties in a multivendor approach
• 5-10 years’ experience of managing relationships with internal business customers

SKILLS AND ATTRIBUTES:       

• Demonstrate the corporate values: Integrity, Teamwork, Respect, Professionalism and effectively role models these for
• the team
• Demonstrate ability to lead in a global, matrix / team environment. Demonstrates ability to lead geographically
• dispersed teams and 3rd party vendors of IS services to drive exceptional customer service and high performance
• Ability to build strong relationships with business stakeholders, including senior managers and 3rd party vendor executives and to influence and be persuasive
• Proven ability to communicate and present effectively to all levels with the organisation from technical to executive level
• International orientation – prepared to travel internationally (preferable) is able to work effectively in an international context
• Strong negotiation skills with the ability to resolve conflicts and problems and follow through to completion
• Strong planning and managing delivery to plan as well as good organising skills
• Pro-active with high levels of energy, tenacity and enthusiasm to deliver results
• Exceptional focus on quality and strong attention to detail
• Strong Business and commercial acumen
• Strong system aptitude / affinity with technology
• Competent in the use of Microsoft PowerPoint, Project, Word and Excel
• Good command of written/verbal business English (& additional location language requirements)
• Good commercial and business awareness
• Good knowledge and understanding of domain technology areas (within projects and operations)
• Knowledge of domain protocols and architectures

ASPEN COMPETENCIES:

BUSINESS

• Performance Driven: Initiative, multi-tasking, results oriented, systems thinking, planning and organisational skills, focused.
• Creates the Future: Innovation, visioning, strategic planning, global thinking, entrepreneurial thinking, leadership, teamwork.

PEOPLE

• Communicate Effectively: Informal communication skills, active listening skills, writing skills, presentation skills, meeting facilitation, empathy.
• Lead & Influence others: Leadership, credibility, networking skills, organisational awareness, influence skills, pragmatic.

SELF

• Take Action with integrity: Personal responsibility, self-assurance, honesty, ethical conduct.