Sr Manager, Cybersecurity - Cyber Risk Management T-Mobile USA
Bellevue, WA

Job Description

We are looking for someone with a high level of knowledge in information security risk management and remediation practices, third party cyber risk, consultancy to Sr. Business Leadership, with knowledge in a broad range of security disciplines and technology areas to manage our Cyber Risk Management groups.

The DSO "Senior Manager, Cybersecurity - Cyber Risk Management" is a senior information assurance leader with corporate responsibility to direct and oversee all enterprise information security risk assessment, risk remediation, and third-party cyber risk management functions at T-Mobile. You will develop and implement strategy, vision and plans to manage information security risk to acceptable levels. This person will work closely with organizational leadership to understand business requirements to ensure identification of information related threats and vulnerabilities and alignment, implementation, and maintenance of controls according to risk profiles. The Senior Manager of Cyber Risk manages Risk Program Managers and Remediation Managers as well as assisting the Director of Cyber Risk to develop and implement the enterprise information protection strategy.As America's Un-carrier, T-Mobile USA, Inc. (NASDAQ: "TMUS") is redefining the way consumers and businesses buy wireless services through leading product and service innovation. The company's advanced nationwide 4G and 4G LTE network delivers outstanding wireless experiences for customers who are unwilling to compromise on quality and value. Based in Bellevue, Washington, T-Mobile USA. Inc. provides services through its subsidiaries and operates its flagship brands, T-Mobile and Metro by T-Mobile. For more information, please visit http://www.t-mobile.comMinimum Qualifications:

* Over 12 years' experience in a dedicated information security role with 5 or more years in a large enterprise
* 5-7 years leading information security risk assessment or risk management activities
* Experience leading an information security organization in the telecommunication industry
* CISSP, CISM, or other security management related certification preferred
* BS in Computer Science or equivalent experience, Masters preferred

Other Qualifications:

* Extensive experience leading and executing information security risk assessment activities for large enterprises
* Experience designing, implementing, and managing information security risk management programs
* Excellent understanding of threat and vulnerability management practices in a complex enterprise environment
* Extensive knowledge of enterprise risk management practices, risk assessment methodologies, and the selection of each according to business objectives
* Exceptional understanding of mitigating controls at the process, systems, network, application, and data level
* Strong knowledge of information security intelligence, monitoring, incident response and investigations
* Knowledge of critical infrastructure and national telecommunication carrier security issues and requirements
* Experience translating complex and ambiguous problems into understandable components and actionable plans
* Knowledge of regulatory and contractual requirements and best practices such as SOX, PCI, ITIL, and ISO 17799
* Excellent communication, presentation and relationship skills, especially the ability to articulate advanced technical topics and build consensus among business and technical constituents
* Strong leadership skills
* Self-starter with excellent organization, administrative, interpersonal skills and project management
* Work closely with business and technology counterparts to understand enterprise objectives, initiatives, and cyber information security risk
* Define, implement, and oversee the enterprise cyber information security risk and conformance management strategy
* Manage the Risk Program Managers to oversee the enterprise cyber information security risk management lifecycle including the completion of risk assessments, planning, treatment, tracking, and control
* Manage the Remediation Management team to oversee various levels of remediation required to be driven as dictated by Cyber Risk Management and other teams
* Manage the Third-Party Cyber Risk Assessment team to help drive cyber risk scoring of third-party suppliers and vendors
* Develop, maintain, and enforce TMUS cyber information security risk management policies and standards
* Ensure the identification, analysis, management, and timely communication of information related threats and vulnerabilities
* Evaluate and report on TMUS cyber information security risk practices and results
* Perform various personnel actions ranging from interviewing, hiring, and training employees; planning, assigning, and directing work; appraising performance; rewarding and developing employees; addressing complaints and resolving problems
* Manage budget, resource allocation, and forecasting tools to ensure effective use of all resources. Manage status, productivity and other management reports to ensure staff meets optimal performance
* Determining and securing the resources and materials needed to perform the work of the unit
* Regularly directs the work of two or more full time employees or the FTE equivalent
* Interviewing, selecting and training employees and conducting performance reviews
* Appraises employees to determine eligibility for promotion or other status changes