Reporting to the Chief Information Officer, you will be responsible for establishing and maintaining a corporate-wide information security management program and ensuring that all activities related to the availability, integrity and confidentiality of customer, business partner, employee and business information are in compliance with the organization's information security policies.
- Develop, implement and oversee an information security management framework, including reporting and controlling incidents, monitoring threats and taking preventive measures.
- Develop, implement and monitor strategic, comprehensive enterprise-wide cyber security and IT risk management programs.
- Provide leadership to the information security organization; manage and train security staff.
- Partner directly with the various business units and other IT teams to ensure consistent application of policies and standards; raise awareness of cyber security; and perform cyber risk assessment and risk management.
- Participate in overall business technology planning to ensure security is built in from the outset.
- Minimum 8 to 12 years of experience in a combination of risk management, information security and IT functions.
- Degree in a technology-related field required.
- Professional security management certification.
- Certification in ISO/IEC 27001, NIST, CISSP, CISM preferred.
- Knowledge of ISO/IEC 27001, NIST, CISSP, CISM.
- Expert proficiency in Information Security Management Systems (ISMS), cyber security and technology risk management.
- Experience with contract and vendor negotiations and management, including managed services.