Information Security Officer
We are looking for an Information Security Officer to join the Clientèle Infrastructure and Operations department. As the Information Security Officer, you will be responsible for the information security vision, strategy, governance, management, processes, and user education.
Purpose:
Responsible for creating the vision and setting the strategy for information security. Responsibilities also include security-related governance, management, and processes.
Duties & Responsibilities
- Oversee information systems and company security
- Evaluate, report on, and suggest new ideas related to any security threats
- Develop the steps necessary to protect the company’s interests
- Provide advice and leadership on existing administrative security policies
- Audit the current systems in place, as well as direct and implement new standards
- Track the latest IT security innovations and keep abreast of the latest cybersecurity technologies
- Create and implement a robust IT security strategy
- Manage IT security operations
- Develop, enhance and deploy a cloud-centric cybersecurity model
- Deploy robust IT Security technologies
- Perform IT Security Risk assessments and investigate ways to minimize threats
- Monitor IT Security vulnerabilities and hacking threats in network and host systems
- Implement an effective process for reporting IT Security risks, incidents, and investigation of breaches
- Respond to all information security incidents
- Serve as a point of contact to develop and sustain controls to ensure compliance and security throughout the life cycle of data and services
- Review new vendor requests and manage the vendor cybersecurity risk assessment process
- Review and respond to all relevant audits, including all Data Security and Compliance client audits and assessments
- Support the strategic requirements of the IT departments
- Responsible for the protection of the electronic data processed by or stored
- Develop, implement and monitor a strategic, comprehensive enterprise information security and risk management program
- Work directly with the business units to facilitate risk assessment and risk management processes
- Develop and enhance an information security management framework
- Establish the appropriate security and governance practices
- Proactively monitor, identify, investigate, and resolve technical incidents and problems
Desired Experience & Qualification
- Bachelor’s degree in information security, computer science, or a related field
- Relevant certification(s) preferred (e.g. CIPP; CIPM; CISSP; CISM)
- 5-7 years' experience with information technology security
- 5-7 years' experience in security principles and security standards
- 5-7 years' experience assessing, monitoring and managing security risks
- 5-7 years' experience in information security management
- Experience with risk management and governance solutions
- Experience with contract and vendor negotiations and management, including managed services