We are looking for an experienced Information Security Officer who reports to the CISO and works closely with key service members, system administration and application development staff across the organization. The position requires an experienced officer able to offer input on and promote the implementation of security policies, procedures and best practices, perform security analysis on new and existing implementations, establish project security requirements, as well as track and report on security tests & audits.
The mode of work requires both a project management approach that offers completion and integrity and a consultant approach that is engaging and collaborative in order to deliver the best practical implementation of security requirements.
More specifically, as Information Security Officer, you will:
- Absorb and promote the information security strategy of the company to ensure the confidentiality, integrity, and availability of critical information assets;
- Participate in the establishment and enforcement of policies, standards, and processes designed to protect information assets;
- Perform business analysis of existing or new services and operations, identifying the critical information assets and the transmission, processing and storage points for these assets;
- Actively participate in enterprise-wise security implementations by offering technical consulting, maintaining configuration standards and establishing monitoring mechanisms for systems, applications and operations;
- Liaise with 3rd party officers for security issues, key/certificate custodianship tasks and project implementation requirements;
- Monitor and ensure the timely delivery of scheduled security vulnerability scans, penetration tests and related reports;
- Understand all applicable laws and regulations that apply to the position and complies with the requirements;
- Remain up to date on emerging threats and evolving security mechanisms and technologies;