Information Security Officer at GVA Partners

Job Overview

• Serves as the process owner of all assurance activities related to the availability, integrity and confidentiality of customer, business partner, employee, and business information in compliance with the organization's information security policies.
• A key element of the CISO's role is working with executive management to determine acceptable levels of risk for the organization. This position is responsible for establishing and maintaining a corporate-wide information security management program to ensure that information assets are adequately protected

Key Responsibilities

• Supervise and Monitor Application / Network Security Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program.
• Work directly with the business units to facilitate risk assessment and risk management processes.
• Develop and enhance an information security management framework.
• Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems, and services.
• Provide leadership to the enterprise's information and cyber security organization.
• Partner with business stakeholders across the company to raise awareness of information security.
• Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems.
• Manage personnel within the Information and Cyber Security Group (ICSG) including hiring practices, task assignment, defining roles and responsibilities, and personnel performance management
• Provide regular updates to the executive management team on status of company's risk posture and security program
• Perform other duties as assigned by the Group CISO

Qualifications & Experience Mandatory

• Minimum of a Bachelor's Degree in Information Security, Computer Science, Information Technology or related field.
• Industry recognised professional certifications such as MCTS, MCP, ITIL, CISA, COBIT, CISM, CRISC, CISSP, CFE
• Minimum of six (6) years experience in information and cyber security.

Desirable:

• Master’s Degree in relevant filed.
• Relevant professional qualifications.

Required Knowledge, Skills and Abilities:

• Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST.  Excellent written and verbal communication skills and high level of personal integrity
• Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams  Experience with contract and vendor negotiations and management including managed services.
• Specific experience in Agile (scaled) software development or other best in class development practices.
• Experience with Cloud computing//Elastic computing across virtualized environments

Generic Skills:

• Ability to make sound and logical security judgments.
• Demonstrated leadership and personnel/project management skills.
• Good understanding of the organization’s goals and objectives.
• Strong interpersonal, written, and oral communication skills.
• Able to conduct research into issues as required Supervisory Skills.
• General administration.
• General managerial / administration.
• Team building / conflict management.
• Leadership / Coaching / Supervisory/ Influencing.
• Organization and coordination.