Albarraque, Portugal


Information Technology



Job ID


MAKE HISTORY WITH US! At PMI, we’ve chosen to do something incredible. We’re totally transforming our business, and building our future on smoke-free products with the power to deliver a smoke free future. With huge change, comes huge opportunity. So, wherever you join us, you’ll enjoy the freedom to dream up and deliver better, brighter solutions and the space to move your career forward in endlessly different directions. JOIN US! The Security Engineering team sits within our Technology & Platform Engineering department. Our team: • Engineers advanced solutions to secure the infrastructure of PMI (eg. DLP, network segmentation, SASE), and • Delivers platforms & tools to enable InfoSec and other IT teams to rapidly detect, analyse and respond to threats to PMI as we transform to a consumer centric organisation (e.g. SIEM, SOAR, vulnerability detection) As Manager IT Data Security Engineering, you will be responsible to lead a team designing, engineering, and managing best-in-class technical security capabilities and advanced security solutions to protect company information, prevent data loss/leakage, and ensure that PMI data is secured across the global IT landscape: • Drive technical implementation of the data security program within our global infrastructure organisation • Deploy and manage data security tools and solutions (e.g. DLP, CASB, MIP/AIP, IRM, etc.) in alignment with the data security requirements as well as functional and technical specifications • Govern key data security metrics for the global infrastructure organization • Identify opportunities for data security process improvements, and lead implementation of such improvements • Own the DLP product, driving cyber risk reduction to the Company’s data security posture • Ensure DLP service offering alignment with customer needs and day-to-day support for end-users Security Engineering is a geographically diverse team of engineers located in Poland, Portugal, Argentina and Philippines, working on building the future of cybersecurity in PMI while supporting our Cloud Transformation journey. This is an exciting opportunity to join our Security Engineering function and work on a scale and diversity of information security challenges that is difficult to find in other companies. Responsibilities • Define and maintain a technical architecture of managed data security solutions/tools • Convert data security requirements (both technical and business process related) into working solutions/products; taking into account technical constraints and potential integration or operational challenges • Formalize and implement relevant operational processes (e.g. around service management, change management, exception handling, etc.) • Implement and manage security tools and policies (e.g. DLP, CASB, IRM, etc.) throughout their life-cycle • Partner with Information Security to ensure that data security principles are effectively and efficiently embedded in new IT data security solutions/tools • Liaise with the Data Governance team to ensure that the use of DLP tools and capabilities is accurate and maximizes protection of company information • Challenge team on engineering practices either by sharing own experience and/or getting external support • Leverage retrospectives to surface conflicts and handle those to improve team morale and/or efficiency • Continuously monitor and improve team maturity and value delivery • Promote agile and new ways of working within the team Education and Experience Requirements Bachelors degree and 5 or more years experience in information security or IT security engineering. Preferred Qualifications • Understanding of information security technologies, standards, tools and frameworks • Understanding of information security concepts such as data loss/leakage prevention (DLP), a cloud access security broker (CASB), an insider risk management (IRM) as well as technical data security controls (encryption, tokenization, anonymization, watermarking, etc.) • Experience in building, rolling out, and operating security technologies that provide the ability to monitor, detect and action sensitive content within files and data streams, with a strong focus on Microsoft 365 collaboration tools (e.g. emails, documents in OneDrive, Teams, SharePoint, etc.), endpoints (e.g. Windows, Mac), and AWS storage services (e.g. S3) • Technical expertise in working with major cloud computing providers' security and data protection tools, with a strong focus on Microsoft 365 (e.g. MIP/AIP, Office DLP, Endpoint DLP, MCAS/MDA, IRM, etc.) • General understanding of regulatory requirements (e.g. SOX, GDPR, PCI) and their impact on information security, privacy, or data protection • Practical experience in Agile/DevOps organizations and cultures • Strong communication skills and ability to explain technical topics to non-technical people • Microsoft 365 specific certification (such as SC-400, MS-500) or other cyber security certificates (such as CISSP, CISA, CISM) would be a plus.