MAKE HISTORY WITH US!
At PMI, we’ve chosen to do something incredible.
We’re totally transforming our business and building our future on smoke-free products with the power to deliver a smoke-free future.
With huge change, comes huge opportunity. So, wherever you join us, you’ll enjoy the freedom to dream up and deliver better, brighter solutions and you will have the space to move your career forward in many different areas/directions.
IT at PMI
PMI’s journey to a smoke-free future implies a shift from a tobacco manufacturer to a science and technology-based consumer facing organisation.
Such a shift creates an abundance of unique and transformative IT projects to match all levels of skills and ambitions. You’ll feel like you’re working in a start-up – with the freedom to shape and define the future of digital, but with the support and scope of a vast global business. You’ll get a chance to work with cutting-edge technologies (e.g., Cloud, APIs, AI) as well as management practices (e.g., Agile, Design Thinking, Product Management). Our environment is fast-paced and highly collaborative. If you want the freedom to find new ways to connect with consumers, there’s no better place to progress your career.
Digital at PMI is dynamic, diverse, and disruptive. Join us and become a part of a top talent team where you can bring new ideas to life in a global function that is a key driver of the success of our business.
THE PURPOSE OF THIS ROLE
We are looking for a Senior Analyst, Data Platform Security to join our Data Platform group of IT experts. This team manages a widespread portfolio of systems, tools, and technologies that serve the Data Platform at PMI.
The Senior Analyst, Data Platform Security will strengthen our existing Data Platform Security team, acting as a 1st Line of Defense (1st LoD) for information security. You will ensure that PMI Data Platform systems are deployed and maintained securely, collaborating closely with Engineering teams to meet InfoSec standard requirements.
WHO ARE WE LOOKING FOR?
In this role, you MUST:
Have a university degree, preferably in Computer Science, Information Security, Cybersecurity, Engineering, or a related field
Have a minimum of 5 years of experience in an information security, IT risk management, or IT audit function within a large organization
Have a general understanding of regulatory requirements (e.g., SOX, GDPR, PCI) and their impact on systems
Be a problem solver with excellent organizational skills
Be disciplined and autonomous in handling demands within a constantly changing environment and working closely to deliver committed results
Be courageous and determined to get things done through others, able to persuade them into executing on your request, tracking timelines, and escalating if necessary
Have strong presentation, verbal, and written communication skills in English with the ability to articulate complex ideas in easy-to-understand business terms to all levels of the organization
Have the ability to effectively manage multiple stakeholders and competing priorities with high attention to detail
This role is NOT FOR YOU if you:
Are not a subject matter expert in information security, IT risk management, or IT audit
Expect others to organize your daily work; instead, as the senior subject-matter expert, you will define work not only for yourself but also influence workstreams of others: your peers as well as colleagues in Product and Engineering teams
Can’t deal with ambiguity and uncertainty – instead, you will act with courage and determination to bring everyone “on the same page”
Struggle with prioritizing work and get overwhelmed when things are not clear enough – instead, you will act with energy toward driving outcomes, get things done, and achieve impact despite challenges and adversity
HOW WILL YOU MAKE HISTORY WITH US?
In the role of the Senior Analyst, Data Platform Security you will:
Own key security processes and drive process adherence for systems of PMI Data Platform to achieve SLA/KPI compliance
Patch Management: Ensure all infrastructure and software are regularly patched and upgraded
Vulnerability Management: Ensure all identified vulnerabilities are closed within SLA
IT Risk Management: Ensure all IT risks have updated action plans in place and that these action plans are executed on time
IT Resilience: Ensure all critical systems have backup, restore, and IT Disaster Recovery arrangements in place and that they are documented (e.g., IT DR Plan) and regularly tested (e.g., backup restoration testing, IT DR Plan testing)
Lead, in strong partnership with Product Owners and Engineering Managers, adherence of PMI Data Platform systems to all PMI policies and standards defined in PMI's IT Policy Framework (ITPF)
Support projects (implementation of new and evolution of IT applications) and existing products and systems throughout their entire life-cycle in all IT security-related topics
Conduct security reviews for projects according to PMI’s stage-gate process, including Vendor Contract Reviews, Solution Outline Reviews, Threat Model Reviews, Migration Plan Reviews, Access Model Implementation Reviews, System Integration Reviews, etc.
Act as a single point of contact (1st LoD) for one or more Digital Products (a collection of systems under the PMI Data Platform), which may require hands-on experience with specific system implementations and their security configurations
Design and build, in collaboration with the Site Reliability Engineering Team, the security observability capability to enable active monitoring, reporting, and governance on key security metrics for systems under the PMI Data Platform
Support the execution of key PMI Information Security Programs for systems under the PMI Data Platform, such as onboarding of system logs to SIEM, enablement of MFA, implementation of new RBAC/ABAC models, etc.
Act as a single point of contact between PMI Data Platform teams and risk assurance functions at PMI
Partner with Information Security (2LoD) to ensure that PMI follows best practices and latest market standards for systems under the PMI Data Platform
Every single IT colleague is part of our Transformation journey. Join us and pursue your ambitions – our staggering size and scale provides endless opportunities to progress. If this offer resonates with you, we look forward to receiving your application and getting to know you.
Together, let’s deliver a smoke free future.