Regional Security and Regulatory Compliance Manager



Job Req ID: 33199



Posting Date: 13 May 2024



Function: Security



Unit: Networks



Location: DH-1,DH-2,DH-3,DH-3/1,Block DH, Kolkata, India



Salary: Competitive





Recruiter: Praveen Lanka
Hiring Manager: Sudhir Singh Sisodiya
Career Grade: D
Internal Closing Date: 20-May-24


About us
BT is part of BT Group, along with EE, Openreach, and Plusnet.
Millions of people rely on us every day to help them live their lives, power their businesses, and keep their public services running. We connect friends to family, clients to colleagues, people to possibilities. We keep the wheels of business spinning, and the emergency services responding.
We value diversity and celebrate difference. \xe2\x80\x98We embed diversity and inclusion into everything that we do. It\xe2\x80\x99s fundamental to our purpose: we connect for good.\xe2\x80\x99
We all stick to the same values: Personal, Simple, and Brilliant. From day one, you\xe2\x80\x99ll get stuck in to tough challenges, pitch in with ideas, make things happen. But you won\xe2\x80\x99t be alone: we\xe2\x80\x99ll be there with help and support, learning and development.
This is your chance to make a real difference to the world: to be part of the digital transformation of countless lives and businesses. Grab it.


A FEW POINTS TO NOTE:
Although these roles are listed as full-time, if you\xe2\x80\x99re a job share partnership, work reduced hours, or any other way of working flexibly, please still get in touch.
DON\'T MEET EVERY SINGLE REQUIREMENT?
Studies have shown that women and people who are disabled, LGBTQ+, neurodiverse or from ethnic minority backgrounds are less likely to apply for jobs unless they meet every single qualification and criteria. We\'re committed to building a diverse, inclusive, and authentic workplace where everyone can be their best, so if you\'re excited about this role but your past experience doesn\'t align perfectly with every requirement on the , please apply anyway - you may just be the right candidate for this or other roles in our wider team.



Why this job matters
We\xe2\x80\x99ve always been an organisation with purpose; to use the power of communications to make a better world. You can trace this back to our beginning as pioneers of the world\xe2\x80\x99s first telecommunications company. At our heart we\xe2\x80\x99re a technology company with research and innovation in our bones and a desire to be personal, simple, and brilliant for our customers - those are the values we live by whilst also creating an inclusive working environment where people from all backgrounds can succeed. In order to protect itself and its customers Protect BT team is responsible for identify emerging threats to the business and our customers and responding to them , this includes addressing the risks arising out of any non-compliance to regulatory requirements.
Working with the various internal stakeholders including business, security , regulatory and legal teams, the key purpose of your role is to protect BT by developing a comprehensive understanding of Indian DOT framework for lawful interception, Security requirements identified in UL. In this role you will effectively assess information received, and make the appropriate decision outcomes in line with departmental policy to mitigate against Threat, Harm and Risk.


What you\xe2\x80\x99ll be doing

As a Site Security Risk and Regulatory Compliance manager
You\xe2\x80\x99ll be:-

• Ensuring the operational enforcement and compliance to various security standards related to IT Security, Physical Security, Personnel Security, Cyber , Privacy , Data Protection , Network Security and Regulatory security.
• Having extensive experience in enterprise riks management , threats modeling , vulnerabilities assessment
• Having extensive experience of performing security audits across suppliers, vendors, internal shared functions like HR/IT/Procurement etc., physical security, customer security , ISO 27001, SOC2
• Having a good underdstanding of Data protection, Data privacy priciples and Industry security standards, cryptography, network/application security, web security, etc.
• Understanding of network perimeter security, Cyber Security operations, SIEM tools and solutions, SOC design and operations , Incident management
• Ability to perform Physical security design reviews and recommend/test controls
• Managing the day to day site security governance and operations by enforcing BT\xe2\x80\x99s Security standards and policies across business operations, suppliers, shared functions like IT, HR, Facilities management etc.
• Working with other groups in Information Security and other functions in organization for ensuring seamless alignment of Security with business operations / transformation processes
• Able to clearly articulate and communicate verbally and in writing the security risks in various domains and work with senior management to mitigate the same
• Managing emergency response plans to deal with cyber security incidents and reporting threats to relevant bodies.
• Managing Information Security awareness program.
• Maintains security and operational efficiency metrics through comprehensive reporting, including ad-hoc requests, historical/trend reporting, and tracking against established baseline
• Manages where applicable Security Team Members to ensure high performing and well motivated people delivering a specific function or service.
• Able to undertake travels to perform the physical, environmental and cyber security assessments and incident responses

We\xe2\x80\x99ll also need to see these on your CV

• Preferable B.Tech/B.E/BSc in Computer sciences , IT, E&TC
• Must have at least two of these certificates CCNA , CISA, CISSP, CISM
• Experience of working in different security domains including Information Security, Physical security, Cybersecurity incident management , Investigations and Senior stakeholders management
• Experience of liaison with Regulatory bodies, law enforcement and nodal agencies would be preferred.
• Experience 12-20 Years

The skills you\xe2\x80\x99ll need

Compliance Monitoring and Controls Testing
Information Security Strategy
Stakeholder Management
Security Assessment
Solution Design
Data Analysis
Vulnerability Management
Information Security
Agile Methodologies
DevSecOps
Customer Relationship Management
Cyber Resilience
Requirements Management
Security Evaluation and Functionality Testing
Decision Making
Growth Mindset
Inclusive Leadership
Incident Management


Our leadership standards

Looking in:
Leading inclusively and Safely
I inspire and build trust through self-awareness, honesty and integrity.
Owning outcomes
I take the right decisions that benefit the broader organisation.
Looking out:
Delivering for the customer
I execute brilliantly on clear priorities that add value to our customers and the wider business.
Commercially savvy
I demonstrate strong commercial focus, bringing an external perspective to decision-making.
Looking to the future:
Growth mindset
I experiment and identify opportunities for growth for both myself and the organisation.
Building for the future
I build diverse future-ready teams where all individuals can be at their best.
About us
BT is part of BT Group, along with EE, Openreach, and Plusnet.
Millions of people rely on us every day to help them live their lives, power their businesses, and keep their public services running. We connect friends to family, clients to colleagues, people to possibilities. We keep the wheels of business spinning, and the emergency services responding.
We value diversity and celebrate difference. \xe2\x80\x98We embed diversity and inclusion into everything that we do. It\xe2\x80\x99s fundamental to our purpose: we connect for good.\xe2\x80\x99
We all stick to the same values: Personal, Simple, and Brilliant. From day one, you\xe2\x80\x99ll get stuck in to tough challenges, pitch in with ideas, make things happen. But you won\xe2\x80\x99t be alone: we\xe2\x80\x99ll be there with help and support, learning and development.
This is your chance to make a real difference to the world: to be part of the digital transformation of countless lives and businesses. Grab it.


A FEW POINTS TO NOTE:
Although these roles are listed as full-time, if you\xe2\x80\x99re a job share partnership, work reduced hours, or any other way of working flexibly, please still get in touch.
DON\'T MEET EVERY SINGLE REQUIREMENT?
Studies have shown that women and people who are disabled, LGBTQ+, neurodiverse or from ethnic minority backgrounds are less likely to apply for jobs unless they meet every single qualification and criteria. We\'re committed to building a diverse, inclusive, and authentic workplace where everyone can be their best, so if you\'re excited about this role but your past experience doesn\'t align perfectly with every requirement on the , please apply anyway - you may just be the right candidate for this or other roles in our wider team.