Philip Morris International
Head of Cybersecurity Operations
Philip Morris InternationalPortugal1 day ago
Full-timeInformation Technology
MAKE HISTORY WITH US!

At PMI, we’ve chosen to do something incredible.

We’re totally transforming our business and building our future on smoke-free products with the power to deliver a smoke-free future.

With huge change, comes huge opportunity. So, wherever you join us, you’ll enjoy the freedom to dream up and deliver better, brighter solutions and you will have the space to move your career forward in many different areas/directions.

IT at PMI

PMI’s journey to a smoke-free future implies a shift from a tobacco manufacturer to a science and technology-based consumer facing organisation.

Such a shift creates an abundance of unique and transformative IT projects to match all levels of skills and ambitions. You’ll feel like you’re working in a start-up – with the freedom to shape and define the future of digital, but with the support and scope of a vast global business. You’ll get a chance to work with cutting-edge technologies (e.g., Cloud, APIs, AI) as well as management practices (e.g., Agile, Design Thinking, Product Management). Our environment is fast-paced and highly collaborative. If you want the freedom to find new ways to connect with consumers, there’s no better place to progress your career.

Digital at PMI is dynamic, diverse, and disruptive. Join us and become a part of a top talent team where you can bring new ideas to life in a global function that is a key driver of the success of our business.

Joining Operations & R&D

Within IT, the Operations & R&D team is an experienced, nimble & expert team composed of multiple sub streams. The main purpose of the team is to lead the digital strategy and transformation of Operations and R&D functions through effective business partnering and conceptualizing, delivering and supporting state of the art and secure IT technologies across the end-to-end value chain.

When you join this team, you will work closely with the IT Operations and R&D leadership team and critical business stakeholders as a trusted technology partner to embed continuous innovation, work at speed and scale, develop your career in numerous directions in line with your aspirations and in a truly international and diverse context.

What’s the purpose of this role?

The Director for IT Operations and R&D Security is looking for an experienced Head of cybersecurity Operations who can design, build, and operate a new “next generation” Control Operation Centre within the 1st Line of Defense of IT Operations & R&D platforms. In addition to the IT environment, this role will also actively support the implementation and expansion of cybersecurity operations across the OT environment. This position reports directly to the Director for IT Operations and R&D and will be part of the cybersecurity leadership team.

The responsibilities of this position span a wide range of areas, including:

  • Prioritizing, defining, and orchestrating the execution risk treatment strategy
  • Developing and embedding capabilities and controls across the cybersecurity value chain (Identify, Protect, Detect, Respond, and Recover) to effectively sustain cybersecurity initiatives
  • Operate and monitor security controls in a continuous manner, on behalf of control owners in Product and Operations functions

Your day-to-day

  • Support the Director for IT Operations and R&D Security with the development and implementation of a Cybersecurity Operations strategy and programs, in alignment with the business goals of Product and Operations functions
  • Together with the Director for IT Operations and R&D Security, Lead and oversee the orchestration and execution of complex and strategic cybersecurity initiatives across Product and R&D functions
  • Oversee the day-to-day activities of the cybersecurity operations team ensuring efficient control operations and testing
  • Drive the implementation of operating model, processes, and procedures to transform the whole IT Product & R&D function in an effective 1st Line of Defense
  • Support Operations and R&D functions in the change management to become an effective business 1st Line of Defense, with focus on product owners, project managers and technology SMEs (e.g., at Engineering Solutions, Product Engineering, Product Development IoT, in PMI plant shop floor)
  • Work with strategic service providers to establish a cost-effective 1st Line of Defense structure capable of delivering continuous control monitoring
  • Drive convergence between IT and OT with the objective of mitigating cyber risk and improving operational efficiency
  • Keep alignment with IT Platforms stakeholders to proactively implement "security-by-design" and "privacy-by-design" measures (people, processes, and tools)
  • Perform active measurement and governance on the CISO metrics
  • Connect information security initiatives to compliance and regulatory requirements, and oversee internal and external audits (e.g., FDA, CAD, FM Global) and Qualification and Validation activities in scope of GxP

Essential Requirements

Who we are looking for

  • Bachelor’s or master’s degree in computer science, information security, or a related field, or equivalent work experience
  • 10+ years of Cybersecurity experience in multiple IT and/or OT roles, with progressive leadership responsibilities
  • At least 3+ years of experience directly managing security and controls operations in a 1st Line of Defense structure
  • Proven track record in coordinating information security initiatives, with exposure to business processes and related technology systems in some or all the following functional areas: Manufacturing, Engineering, Supply Chain, Product, Quality, Electronics Manufacturing
  • Experience with enterprise level programs that use both traditional and agile frameworks, and the ability to adapt to changing requirements and priorities
  • Proven track record in project management, with focus on stakeholder, budget, communication, and virtual/indirect team management
  • Strong leadership, communication, and collaboration skills, with the ability to influence and motivate teams and stakeholders across the organization
  • Broad security knowledge to speak credibly to IT/OT/IIoT technology and information security SMEs
  • Strong team player with ability to build pro-active, co-operative working relationships with peers and key stakeholder, across cultures and geographies
  • Knowledge of basic identity and access management concepts (e.g., single sign on, identity federation) and standards (e.g., SAML, OAuth 2.0, OpenID)
  • Experience in developing and managing budgets, schedules, resources, and risks for cybersecurity programs
  • Experience in interacting with cybersecurity policies, standards, and best practices, and ensuring compliance with applicable laws and regulations
  • Good understanding of security frameworks and standards (e.g., SOC2, ISA/IEC 62443, ISO27001/27002, CSA, CIS, NIST, OWASP, etc.)
  • Experience in working with external partners, vendors, and auditors on cybersecurity related matters
  • High energy level and flexibility to meet a variety of demands while producing superior work products under short deadlines
  • Ability to put “end user hat on;” empathize, anticipate, and solve for pain points
  • Ability to build and maintain relationships with senior management, stakeholders, and team members

Preferred Requirements

  • Advanced knowledge of ICS/IoT/IIoT platforms, cloud computing architectures (e.g., SaaS, IaaS, PaaS), and related information security risks and frameworks
  • Knowledge of protocols and architectures related to industrial environments (e.g., OPC UA, Purdue model)
  • Industrial information security training/certification (e.g., GICSP, ISO/IEC 62443)

What’s in it for you?

There are many IT Organizations out there, so why should you join ours?

We Believe PMI IT’s True Strength Is Fuelled By Our People, And That Our Success Depends On Them Coming To Work Every Single Day With a Sense Of Purpose And An Appetite For Progress. We Are a People First Organisation Committed To Providing You With First-class Employee Journey. Here’s a Glimpse Of What’s In It For You Upon Joining Us

  • Work-life balance: Wellbeing comes first. We offer a fantastic office environment and Smart working options to ensure you have the best work-life balance possible
  • Learning & Development: Your growth is a priority. Our robust and varied learning & development ecosystem will help you strengthen your technical skills and enhance your soft skills and business acumen. The capabilities you will acquire with us will support your life-time employability within IT, PMI, and beyond
  • Inclusion & Diversity: Our differences - much more than our similarities - generate the innovation we are looking for. We aspire to build a diverse and inclusive organization to access the breadth and depth of thinking and sensitivity necessary to thrive

Every single IT colleague is part of our Transformation journey. Join us and pursue your ambitions – our staggering size and scale provides endless opportunities to progress. If this offer resonates with you, we look forward to receiving your application and getting to know you.

Together, let’s deliver a smoke free future.

18907

Key Skills

Ranked by relevance
Apply