Head of Information Security, Application Security
Be a part of a revolutionary change
At PMI, we’ve chosen to do something incredible. We’re totally transforming our business and building our future on smoke-free products with the power to improve the lives of a billion smokers worldwide.
With huge change, comes huge opportunity. So, wherever you join us, you’ll enjoy the freedom to dream up and deliver better, brighter solutions and the space to move your career forward in endlessly different directions.
PMI’s journey to a smoke-free future is fueled by technology.
The total transformation we’re going through means that there are unique IT projects here to match all levels of skills and ambitions – from pace-setting global pilot projects to vital local updates. Whether you want to pursue a personal passion or build an international career, there’s space here to develop in any number of directions.
Join us in this role and you’ll be part of our IT Information Security & Data Privacy international team in the beautiful city of Jakarta, Indonesia.
Your “day to day”
• Lead hands-on a team of application security specialists that support IT teams during the design, development and maintenance of new or existing systems
• Ensure that the team is staffed with the required talent and continuously evolve it by creating learning paths and development programs for each team member
• Act as trusted partner for IT teams on application security topics and provide expert recommendations on how to best embed cybersecurity into the systems development life cycle process
• Manage peaks in the demand for application security advisory services by onboarding external specialists, coordinating their work and reviewing deliverables to guarantee that they meet the expected level of quality
• Establish metrics to measure the effectiveness of the overall application security program, e.g. by reporting on the number of initiatives supported, average time and effort spent, common findings and pitfalls identified during the fieldwork, etc.
• Partner with other Information Security Architecture & Engineering leaders to ensure that PMI follows best practices and latest market standards in the application security domain by continuously optimizing tools, techniques and methodologies
• Drive security awareness programs for IT teams by organizing lectures, webinars or trainings on secure software development life cycle, secure coding and other application security topics
Who we’re looking for
• Minimum 7 years of experience in application security and/or IT risk management, preferably within a large organization
• Minimum 3 years of experience in managing small-sized (5-10 people) teams of information security specialists
• Professional certifications in Information Security or Cybersecurity (e.g. CISSP, CISM)
• Proven track record in supporting development teams throughout all phases of systems development life cycle (design, threat modelling, development, maintenance)
• Demonstrated experience in managing stakeholders including business owners, product teams and contractors/vendors
• Strong understanding of cloud computing architectures (e.g. SaaS, IaaS, PaaS, FaaS) and their corresponding characteristics in terms of information security
• Practical knowledge on modern application architectures including microservices, containers, APIs and serverless technologies
• Considerable technical writing proficiency and oral presentation skills, in English
• Practical experience in Agile/DevOps organizations and cultures
• Highly collaborative, with ability to build relationships with colleagues from different cultures throughout the organization
• Experience with any of the following technologies/tools not mandatory but strongly preferred: AWS WAF, Salesforce Shield, HashiCorp Vault, Terraform, Ansible, Artifactory, Splunk, ELK
What we offer
Our success depends on the men and women who come to work every single day with a sense of purpose and an appetite for progress. Join PMI and you too can:
• Seize the freedom to define your future and ours – we’ll empower you to take risks, experiment and explore
• Be part of an inclusive, diverse culture, where everyone’s contribution is respected; collaborate with some of the world’s best people and feel like you belong
• Pursue your ambitions and develop your skills with a global business – our staggering size and scale provides endless opportunities to progress
• Take pride in delivering our promise to society: to improve the lives of a billion smokers