Responsibilities:
- Develop, implement and monitor a strategic and comprehensive enterprise information security program to ensure the integrity, confidentiality and availability of information owned, controlled and processed by the organization.
- Develop, maintain and publish up-to-date information security policies, standards and guidelines. Oversee the approval, training, and dissemination of security policies and practices.
- Provide regular reporting on the current status of the information security program to enterprise risk teams and senior business leaders.
- Create a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection.
- Ensure that security programs are in compliance with contractual requirements, relevant laws, regulations and policies.
- Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation.
- Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action.
- Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the security.
Requirements and Qualifications:
- Minimum 10 years of experience in a combination of risk management, information security and IT security.
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
- Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic environment.
- Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials, is desired.
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT and those from NIST.
- High degree of initiative, dependability and ability to work with little supervision.
Age limit: not more than 40 years.