DTICI_Information Security Officer_T7

Tasks

Information Security Officer will be responsible for overseeing information security, cybersecurity and IT risk management programs based on company policies, industry-accepted information security and risk management frameworks.

This individual will be an integral part of the Information Technology organization reporting directly to the Head of the Cyber Security Office to help improve and communicate the maturity levels of information security, state of cybersecurity and develop, implement and monitor IT risk practices across the Company.

Exp: 8 to 15 years

• Developing and implementing a comprehensive information security management framework to secure our computing infrastructure in line with the company policies, audit requirements and industry standards
• Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services
• Monitoring usage to ensure compliance with security policies & Identifying vulnerabilities in our current network and applications
• Documenting any security breaches/incidents/weaknesses, assessing their damage, performing remedial actions and ensuring appropriate documentation and recommendations for prevention of such incidents going forward
• Keeping up to date with developments in IT security standards and threats & Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems
• Collaborating with company and group headquarter management and the IT department to improve security, ensuring policies are followed and adopted in a timely manner
• Work directly with the business units to facilitate Information Classification, Risk assessment and risk management processes
• Educating colleagues/teams by creating awareness through multiple channels about information security, compliance and best practices as per company policies
• Administer and maintain Data Loss Prevention (DLP) solutions to prevent unauthorized access and transmission of sensitive data
• Ability to communicate security, data protection, data loss prevention related concepts to a broad range of technical and non-technical staff effectively at multiple organizational levels.
• Reviewing vendor contracts and consents needed to implement projects in partnership with the firm’s Procurement and Information Security functions, and ensuring filing requirements with local regulators are achieved.

Qualifications

• Bachelors/Post Graduate Degree with a focus on Cyber Security and business administration
• Lead Auditor certification according to ISO27001 and experience in implementing ISO27001
• Certified Information Security Manager (CISM)
• Knowledge of IT processes and controls and strong understanding of any of the following risk and control frameworks such as CoBIT, ISO, ITIL, ISO/IEC 27001
• Hands-On experience in implementing & managing policies and procedures on an industry standard Data Loss Prevention (DLP) tool
• Working knowledge of Data Privacy regulations specifically GDPR (General Data Protection Regulation) and its implementation across an organization
• Experience with contract and vendor negotiations and management including managed services.
• Good knowledge and deep understanding in the field of information security, current IT security challenges and common security gaps in software and networks
• Good understanding of the ISO27001 framework or other standards/models related to enterprise architecture and information security
• Security-specific knowledge of cloud computing and cloud-based architectures (SaaS, IaaS, PaaS)
• Experience in the design and design/development of complex IT systems/platforms and in conducting and delivering information security assessments
• Experience in implementing security-relevant requirements in complex IT system landscapes
• Experience in working together in cross-functional and international teams as well as in managing internal and external resources
• Pronounced analytical, interdisciplinary and integrative thinking and acting as well as independent work
• Excellent written and verbal communication skills and high level of personal integrity.
• Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams

Arbeitsort