REAL ADDED VALUE: A CONTENTED CUSTOMER.
WE ALWAYS GO THE EXTRA MILE. USE NUMBERS. CREATE JOY. BMW FINANCIAL SERVICES.

It takes a team with exceptional interpersonal skills and a can-do attitude to deliver great customer service. People who are always prepared to go the extra mile to find solutions that satisfy the needs of our customers and business. People who want to place themselves optimally to develop their capabilities. So if you enjoy a culture of open exchange and mutual trust, and you’d like to take on a fast-paced role within a highly motivated team, join us in driving the future of personalised financial services.

IT Security Manager

The IT Security Manager is a Regional role reporting to the Regional Shared Services Manager.  The purpose is to identify, track and report on IT Security across (European) markets. The role acts as IT-Security Delegate representing the European markets with the central IT Security team and provides reporting to regional IT Managers across 11 countries. It is also responsible for maintaining relationships with the central IT Security and Digital Identity teams and operate as liaison between Central IT Security functions and the markets. From this it is responsible to communicate changes from central teams to the markets to ensure that the information is clearly provided, as well as to represent the needs and requirements of the markets back to Group IT Security.   Specific functions include:

• Ensure the implementation of all IT-Security requirements (and supporting the other IT Governance requirements of IT-Compliance, IT-Risk and IT-Architecture) in the context of National Sales Centre and Financial Services in Europe.
• Supports the corresponding business functions in the above mentioned context and provide security input for the target pictures of the IT products over the lifecycle.
• Tracks and reports on the IT Security KPIs within the above mentioned context.
• Supports all initiatives from IT Security perspective, including the design and development of the IT-products and IT-services for the corresponding business functions within the above mentioned context, with a focus on compliance with IT governance requirements for IT Security.
• Supports the DevOps teams to provide stable and efficient operation of the IT-products which are in scope in terms of IT Security requirements.
• Provide advice and guidance to IT DevOps teams across the markets
  • Single Point of Contact across the markets regarding IT Security and application of Group policies.  This includes guidance on mandatory documentation, usage of governance tools, IT security related risks, and to facilitate clarifications with Central functions.
• Facilitate and co-ordinate an IT Security Community across the region
  • maintain regular communications with the security representatives from the markets on changes to policy and practices, as well as to update on IT Security KPIs / targets. 

• University degree educated
• Ideally CCISP and/or CISM qualified.
• Good understanding of IT and IT development lifecycle
• Significant experience in managing IT projects or software development
• Good understanding of data protection and the impact of legislation and regulation on IT solution delivery
• Understanding of cloud technology, IT security risks and potential security measures available
• Knowledge of ISO27001 and the IT Security frameworks
• Experience in delivering IT process change into IT teams
• Experience of delivering advice and guidance to teams and managers on best practices and need for improvement
• Conceptual – understand the purpose of controls or regulations and not just the implementation
• Practical – ability to understand different viewpoints, and to negotiate solutions appropriate for the requirements of markets and central teams
• Knowledge of Agile working practices
• Strong communication with the ability to present to Management Committees, senior IT management, business colleagues as well as to technical IT delivery teams

At BMW Group, we are open to requests for alternative working patterns. For most roles, the following could be possible: flexible hours, job shares, compressed hours or part-time working.

All applications should include an up to date CV.
This vacancy is graded at ELV

Closing date 24 September 2021.