As the Information Security Officer, you will be responsible for the information security vision, strategy, governance, management, processes and user education. The role also requires technical abilities to assist the team in improving the security posture.
Purpose:
Assist the management team in creating and executing the security strategy and updating the security framework. Responsibilities also include security-related governance, management and processes. The role includes technical responsibilities for improving the security posture.
Responsibilities:
Oversee information systems and company security;
Evaluate, report on, and suggest new ideas related to any security threats;
Develop the steps necessary to protect the company's interests;
Provide advice and leadership on security policies;
Audit the current systems in place and direct and implement new standards, frameworks and processes;
Track the latest IT security innovations and keep abreast of the latest cybersecurity technologies;
Manage IT security operations;
Develop, enhance and deploy a cloud-centric cybersecurity model;
Deploy robust IT Security technologies;
Manage firewalls and the firewall lifecycle;
Monitor network security to verify all devices are running securely;
Perform IT Security Risk assessments and investigate ways to minimise threats;
Monitor IT Security vulnerabilities and hacking threats in network and host systems;
Implement an effective process for reporting IT Security risks, incidents and investigation of breaches;
Design, build, and manage the security infrastructure of IT systems;
Respond to all information security incidents;
Serve as a point of contact to develop and sustain controls to ensure compliance and security throughout the life cycle of data and services;
Review new vendor requests and manage the vendor cybersecurity risk assessment process;
Review and respond to all relevant audits, including all Data Security and Compliance client audits and assessments;
Support the strategic requirements of the IT department;
Be responsible for the protection of the electronic data processed or stored;
Develop, implement and monitor a strategic, comprehensive enterprise information security and risk management program;
Work directly with the business units to facilitate risk assessment and risk management processes;
Establish the appropriate security and governance practices;
Proactively monitor, identify, investigate and resolve technical incidents and problems.
Experience and qualifications:
Bachelor's degree in information security, computer science, or a related field;
Relevant certification(s) preferred (CIPP; CIPM; CISSP; CISM);
5-7 years' experience with information technology security;
5-7 years' experience in security principles and security standards;
5-7 years' experience assessing, monitoring and managing security risks;
5-7 years' experience in information security management;
Experience with risk management and governance solutions;
Experience with contract and vendor negotiations and management, including managed services.