Title:  Cyber DevSecOps Manager

We’re JTI, Japan Tobacco International and we believe in freedom. We think that the possibilities are limitless when you’re free to choose. In fact, we’ve spent the last 20 years innovating, creating new and better products for our consumers to choose from. It’s how we’ve grown to be present in 130 countries.

But our business isn’t just business. Our business is our people. Their talent. Their potential. We believe when they’re free to be themselves, grow, travel and develop, amazing things can happen for our business. 

That’s why our employees, from around the world, choose to be a part of JTI. It is why 87% of employees feel happy working at JTI. And why we’ve been awarded Global Top Employer status, eight years running. 

So when you’re ready to choose a career you’ll love, in a company you’ll love, feel free to #JoinTheIdea. 

Learn more: jti.com

Cyber DevSecOps Manager 

What this position is about - Purpose: 

This position exists to ensure the consistent security of the digital ecosystem (DES) and e-commerce solutions and is part of the Cyber Security Centre. The Cyber Security Centre delivers high quality, cost-effective security services within the scope of the global JTI infrastructure and application landscape. The function includes security architecture, design, innovation, assurance, service delivery and SOC.

This incumbent is responsible to ensure that technical security standards are defined and implemented across all DES and e-commerce platforms to secure them from internal and external threats. He/She will work closely with the Security Solutions, Digital Solutions and E-commerce teams to ensure security best practices are followed in the DevOps lifecycle and implemented in the solution design and deployment.

What will you do - Responsibilities: 

• Accountable for Security Architecture (design, review, implementation), ensuring business solutions are in line with best security practices, technologies and JTI standards.
• Responsible to identify opportunities to innovate methodology/solutions to improve the security posture of e-commerce solutions and platforms. Assists the Business/Process Expert in redesigning or adapting business processes to a change request. Ensure the alignment of the request to the GRM . Assists the Business/Process Expert in designing specification, testing and implementing business process changes.
• Work in close cooperation with and provide necessary support to global and local IT teams (GDC, BTS, I&O) ensuring proper / frequent updates to all Global/Local IT and Cyber Security Team Members.
• Manage a small team of external contractors working directly with the DES and e-commerce development and implementation teams. Ensures timely delivery of security components, evaluations, assessments.

Who are we looking for - Requirements:

• University Degree in Computer Engineering, Information Systems, or related field or relevant experience
• 5+ year-experience in Information Technology, with a particular focus on DevOps and E-Commerce Security
• Cyber security management and support in a global environment
• Strong communication & project management skills
• Coordination, organisational and meeting facilitation skills
• Knowledge of e-commerce related standards (PCI DSS, etc.)
• Knowledge of Security Management standards such as OWASP, NIST, ISO, Cloud Alliance
• Hands-on experience with automated testing solutions integration (SAST, DAST, IAST, SCA) like Synopsys, Fortify, Veracode, Checkmarx, etc.
• Fluent English written and spoken

What are the next steps – Recruitment process: 

Thank you very much for your interest in the role. You are welcome to apply.