Security Incident Response Program, Senior Manager

SITA is the world's leading service provider of IT business solutions and communications services to the air transport industry. SITA manages complex communication solutions for its air transport, government and GDS customers over the world’s most extensive communication network, complemented by consultancy in the design, deployment and integration of communication services.  SITA also provides market-leading common use services to airports and air-to-ground communications to airlines. We deliver a comprehensive portfolio of e-commerce solutions for airlines and are pioneering new technologies in areas such as in-flight passenger communications and transportation security. Motivated by industry concern for lower costs, asset optimization and an improved passenger experience, we aim to simplify travel and transportation removing complexity and improving our customers’ operational performance.

 

Across the globe, SITA employs people of more than 140 nationalities, proficient in over 70 languages, and covers 220 countries and territories. SITA’s main office is in Geneva, Switzerland.  For more information, please visit our website at www.sita.aero. 

 

JOB PURPOSE

 

The Security Incident Response Program Manager is a member of the Corporate Security Office. She/he has the following responsibilities:

Develop SITA security incident response plan in support of the company’s security strategy to align its corporate security framework to industry standard;

Lead and support business units with customizing the incident response plan to their business activities and operating environment to achieve and risk management objectives and the ;

Promote and contribute to the adoption of information security standards throughout the company using awareness campaign;

Support Corporate Security Office activities such as governance, design, standardization to support SITA in achieving its security (and business) objectives.

 

KEY RESPONSBILITIES

 

Develop and document SITA’s security incident response plan (IPR) to address likely threats, reduce cost of security incidents and support SITA in achieving best-in class information security practice;

Develop security policies and security incident response processes, procedures and tools to support the enforcement of the company’s incident response plan within all SITA business units;

Provide tactical planning to lead the enhancement of the organization’s monitoring, containment, eradication and recovery capabilities.

Perform audit review to ensure compliance to the defined response plan and provide reasonable assurance to the senior management that incident are consistently and adequately managed;

Manage security incident response activities until incident closure, leading the team of expert and stakeholders to execute the incident response activities per the IPR including:

Collecting and analyzing information data;

Perform analytical process to determine the risks or threats level to SITA of a reported vulnerability and/or confirmed incident;

Determining and coordinating execution of the adequate containment and eradication strategy to allow for swift and cost effective incident recovery; and

Reporting to management and/or to law enforcement.

 

Identify, evaluate and recommend technologies and tools to be acquired to support incident response activities;

Manage service providers responsible for the operation and support of incident response tools and the underlying IT infrastructure (e.g. manage contractual and commercial relationship, define service delivery processes, agree on the needed SLA, report on provider’s performance, etc.);

Identify organizational changes to ensure the continuous availability of the incident response function (and ensure service disruption due to security incidents is kept to a minimum). Develop and present business case to SLT, manage implementation of organizational change to completion.

Research, develop and maintain proficiency in tools, techniques, countermeasures, and trends in system and network vulnerabilities and exploits.

Perform corporate security management duties such as vulnerability management, patch management security reviews and governance on large, complex program;

Contribute to the development of security awareness campaign and promote information security practices within the organization and drive compliance;

Assist head of corporate security office in the reporting of security activities using defined key performance indicators (KPIs);

Contribute to SITA corporate security governance mechanisms;

Oversee work of third party security vendors and consultants to ensure the successful delivery and quality of projects deliverables.

 

JOB CONTACTS

SITA Corporate Security Office Team

Security SPOC within SITA Business units and Regions, Legal and HR;

SITA internal & external suppliers: Cust. Service Organization; CSBU, Application Services, IS, OBS...

Consultants and Consulting Organizations

Law enforcement organization;

SITA internal and external auditors;

 

JOB DIMENSIONS

Staff – manage virtual team of security experts as required per the incident management  activities

 

Authority – The incumbent has responsibilities for executing security incident response activities for services operated by SITA, and for ensuring timely resolution so that the financial and legal liabilities to the organization is kept to a minimum. Gross impact for organization because of security incident could exceed 1MUSD

 

Budget – The incumbent will directly impact OpEx and CaEx of SITA BUs.

 

KNOWLEDGE, SKILLS, AND EXPERIENCE REQUIRED

 

Education and training

A Bachelor's and/or Master's degree in Computer Science, Computer Engineering, or related discipline

Degree or formal training in the field of Security technologies

Certification / Qualification on security and service management (CISSP, ISO, ITIL)

 

Knowledge, Skills & Experience Required

7+ years working experience in IT infrastructure operations and service management within the telecommunications and/or network infrastructure sectors. Applicant should:

Have solid understanding of common vulnerabilities associated with networks, operating systems and applications;

Have knowledge of security standards and best practices and ability to refer to these;

Perform network traffic and application monitoring and analysis;

Define and document incident management activities and communicate those to management;

Define and lead team in executing escalation processes, ensuring timely and high quality support.

Have successful track records for the (a) definition of operational processes and procedures, and (b) the leading of a (virtual) team to operation excellence in a distributed environment.

Experience with managing technical project including using external resources.

Posse’s technical competence including with intrusion detection and prevention systems,  Anti-Virus and Anti-Malware solutions, Vulnerability Scanners;

 

Other Skills:

Analytical & problem solving skills;

Strong organization and planning skills

Demonstrate flexibility and adaptability, self-motivation energy and drive;

Works well autonomously, yet team oriented;

Adaptable to multilingual, decentralized and virtual  teams

Strong communications skills (written and oral), consulting and presentation at different level of the organization

Ability to lead and influence peers and senior managers,

Languages:  English. Additional language an asset

Result-oriented

 

Qualified candidates should submit their resume to karen.stack@sita.aero indicating the job title and reference code in the subject line.