Local Information Security Officer (LISO) at Alfred & Victoria Associates

Job Description

• The Local Information Security Officer (LISO) will manage the information security program for a specific location or office within the organization.
• The LISO ensures that the organization's information security policies, standards, and procedures are effectively implemented and maintained at the local level.

Responsibilities

• Developing and implementing information security policies, standards, and procedures for the local office or location.
• Identifying and assessing information security risks, vulnerabilities, and threats at the local level and developing appropriate risk mitigation strategies.
• Conducting regular security assessments and audits to ensure compliance with security policies, standards, and procedures.
• Collaborating with other security professionals and business units to develop and implement security controls and countermeasures to protect against threats and vulnerabilities.
• Providing guidance and training to employees and other stakeholders on security awareness, best practices, and policies.
• Investigating and responding to security incidents and breaches at the local level, including reporting incidents to the organization's incident response team.
• Maintaining an up-to-date inventory of information systems and assets within the local office or location and ensuring they are properly secured and protected.
• Monitoring and reviewing security logs and alerts from security tools and systems to identify potential security incidents or breaches.
• Participating in the organization's information security governance process and ensuring compliance with relevant laws, regulations, and industry standards.
• Reporting on the local office's information security posture to senior management, including identifying areas of improvement and making recommendations for changes to policies, standards, and procedures.

Requirements

• Candidates should possess a Bachelor's Degree
• Strong understanding of information security principles, practices, and technologies.
• Excellent communication and collaboration skills to work effectively with stakeholders at all levels of the organization.
• Ability to work independently and take a proactive approach to identifying and addressing security risks and issues.
• Certification in information security, such as Certified Information Systems Security Professional (CISSP)