Come join the Cybersecurity, Trust and Protection Org (CTP) as our next Capability Manager, CTP Conformance!
Description
The Capability Manager, CTP Conformance will be responsible for liaising with assigned business units on behalf of the CTP Governance. These responsibilities will include assuming ownership for specific security domains from a programmatic perspective and acting as the subject-matter-expert to CTP and Technology partners for those domains. The Capability Manager will be responsible for advising CTP Leadership on the strategic roadmap, as well as collaborating with Program and Project teams to meet strategic objectives for their security domains.
Enterprise Core Competencies
Requires competency in customer focus, change and innovation, strategic thinking, relationship building and influencing, talent management, results focus and inspirational leadership.
What you'll do in your role.
Essential Functions
Conformance Strategy and Execution
Help develop and drive the mobilization, development and implementation of any new enterprise-wide initiatives (e.g.: NIST CSF, CMMC, etc.), and incorporate these into the continuous assurance program lifecycles
Actively seek and drive initiatives via unification, rationalization or automation to increase synergies across the enterprise in meeting policy adherence. (e.g. Unified Compliance Framework, Policy Automation for technical controls, etc.)
Make proactive assessments of current capabilities within the assigned security domain(s) at T-Mobile, as well as trends within the industry. Develop strategic roadmaps to mature the capabilities and functions within the security domains over the near and long term
Define security requirements for the Portfolio activities and Programs impacted by in-scope security domains
Understand the operations of the business and comprehend how these create value and risk for the organization
Collaborate with team members, peers and the business unit management team to determine technical information security requirements, planned remediation, and advocate for the program to gain resources to implement appropriate protection technologies and processes
Assist the Governance team in the development and refinement of key performance indicators and other necessary processes to demonstrate maturation and safeguarding of the business
Interact with internal audit, third party auditors, and appropriate regulatory bodies
Support the Information Security policy lifecycle throughout, including all aspects of intake, creation, review, approval, implementation, publishing, communication and maintenance
The experience you'll bring.
Preferred Requirements:
Candidate must have strong technical, influential and organizational skills
Prefer 5 years' experience in information security related discipline
Expert relationship building and partnering skills, including persuasion, negotiation and consensus building
Experience translating emerging IT and business trends into meaningful risk reduction opportunities
Demonstrated ability to work effectively in a complex matrixed environment
Outstanding verbal and written communication skills
Ability to interpret business strategy and align to appropriate security enhancements to achieve business enablement
Ability to translate security requirements into business risks and impacts
Telecommunications industry expertise, Six Sigma Training, Audit, Compliance and Network experience preferred
License or Certification: PMP, CISSP, CISA, CISM
*LI-KM3
Minimum Qualifications:
Bachelors' Degree in Computer Science, Information Technology or related field from an accredited 4-year college or university or combination of equivalent experience and education
10 years of technical Product or Program management within a Cyber Security organization. Preferably in the wireless communications space
A broad, enterprise-wide view of the wireless (or similar) business and understanding of strategy, processes and capabilities, enabling technologies, and governance. Experience in telecommunications, internet service provider, or application service providers a plus
The ability to apply Information Security principles to business solutions
Extensive experience planning and deploying both business and technology security initiatives.
Exceptional communication skills and the ability to convey results in a summarily and persuasive manner to business owners. This includes written and verbal communications as well as visualizations
The ability to act as liaison conveying information needs of the business to technology teams and technology constraints to the business
Team player able to work effectively at all levels of an organization with the ability to influence others to move toward consensus.
Knowledge of federal and compliance regulations e.g. PCI, CPNI, CCPA, HIPAA, etc.
Good understanding and experience applying CoBIT, ISO, ITIL, NIST frameworks
Fluency in the use of all MS Office applications, including SharePoint services
At least 18 years of age
Legally authorized to work in the United States
High School Diploma or GED
T-Mobile requires all employees in this position to be fully vaccinated for COVID-19 prior to starting work, unless precluded from doing so by applicable law. The CDC currently defines -fully vaccinated- as two weeks after the second dose for Pfizer and Moderna, and two weeks after the single dose of Johnson & Johnson. T-Mobile will require proof of vaccination prior to successful applicant's first day of work, and will consider requests for exemption from this requirement during the offer phase (1) as a reasonable accommodation for medical reasons or sincerely held religious beliefs where the accommodation would not cause T-Mobile undue hardship or pose a direct threat to the health and safety of others, or (2) for other reasons under applicable law
Position details
Req ID: 194005BR
Department: Information Technology
Travel Required: No
