IT Information Security Officer

Responsibilities

• The Group IT Security, Risk and Compliance Team is responsible for protecting enterprise information and information systems from unwanted access or usage, and to embed a culture of IT security across IT functions and company employees.
• From a Security perspective, we design, monitor and review policies and processes to provide data and systems confidentiality, integrity and availability.
• In the role of IT Information Security Officer within you are responsible for research, development, implementation, testing and reviewing company information security practices to protect the information and prevent unauthorized access.
• You will be interacting with all the functions of the IT department to identify potential security weaknesses and recommend improvements to mitigate vulnerabilities.
• A high priority in this role is to ensure business continuity. This is accomplished by anticipating technical security risks and securing all critical working environments.
• You will oversee and/or assist in performing on-going security assurance of information systems.
• The IT Information Security Officer role helps to drive Security by design and is taking new projects and changes through review and audits ensuring data privacy and compliance.
• Furthermore (amongst other activities) you will:
  • Lead the development, adoption and enforcement of Information Security policies, processes and procedures.
  • Conduct functional and gap analyses to determine compliance with regulatory requirements.
  • Collaborate with management and the IT department to improve security standards.
  • Lead the information security awareness program across the company.
  • Continuously assess the current information security risks of data, systems and networks.
  • Lead the vulnerability management process and execution of penetration tests.
  • Identify new information security technologies and countermeasures.
  • Evaluate vendor products and work with internal stakeholders to achieve a timely implementation.
  • Coordinate the security incident response and remediation actions.

Requirements

• Our preferred candidate for the role of IT Information Security Officer has a degree in Computer Science, Information (Systems) Management or equivalent. 
• You have 5 to 8 years of experience with the field of IT, of which 4+ years of relevant experience in an Information Security role.
• In addition to this, you have:
  • Understanding of data privacy laws globally in different countries and jurisdictions.
  • Solid knowledge of various information security frameworks (ISO 27000 certification preferred).
  • CISSP, CISM, CISA (preferred but not mandatory).
  • Experience with working with global teams in various time zones.
  • Well-developed influencing and stakeholder management skills.
  • Ability to educate a nontechnical audience about information security best practices.
  • Excellent problem-solving and analytical skills.
  • Excellent communication skills in English, both written and verbally.