Senior IT Security Officer
Design and enforce policies and procedures that protect our organization's computing infrastructure from all forms of security breaches. You will oversee a variety of IT related risk management activities and work with our technology focused analysts, engineers and administrators in the IT department to resolve identified vulnerabilities, ensuring that our network and data remain secure.
IT Services Department, within a financial/Insurance group.
- Assist Line Management in achieving complete security management systems in accordance with Organization plans and adherence to legislation and agreed regulatory bodies processes and procedures;
- Maintain and develop up to date information security polices, standards and guidelines;
- Work directly with the business units to facilitate IT risk assessment;
- Monitoring network usage and analysis of security events from multiple sources to to ensure compliance with security policies;
- Performs the collection and management of information security operations metrics;
- Support the delivery of threat management, technology controls & incident response;
- Interact with different stakeholders throughout the Group, offering consultancy on security matters to ensure the consistent application of polices and standards, including for new projects developed within the company;
- Serve as subject matter expert for audit engagements. Assist in understanding and responding to security audits failures reported by auditors;
- Work as a liaisons with vendors to establish acceptable service level agreements and oversee security testing to verify the security of systems, networks and applications and to manage the remediation of identified risks.
- 5+ years of relevant work experience in IT/Cyber Security, including operations;
- Experience developing and managing policies, procedures, standards and guidelines;
- Experience with audit staff;
- Excellent analytical skills to analyze security requirements and relate them to the appropriate security controls;
- Effectively adapts to changing events, reprioritizing efforts, and realign resources as needed;
- Solid knowledge of various information security frameworks;
- Excellent communication skills: influencing and stakeholder management skills;
Ability to work effectively at all levels and across all business units and organizations, understanding business imperatives;
- Bachelor’s degree in computer science, information systems, engineering or the equivalent combination of formal education, training, and experience;
- Willingness to be on-call, work non-standard hours, and travel when required (occasionally).
Nice to have:
● Previous experience in implementing, configuring and/or monitoring security tools/systems (e.g. SIEM, DLP, PAM )
● Professional information security certifications
● Standards: ISO 27001 awareness