Purpose & Overall Relevance for the Organization:
Information Security Governance refers to our companies coordinated strategy for managing the broad issues of corporate governance, enterprise risk management and corporate compliance with regards to regulatory, internal and external requirements.
Together with your team you are responsible to govern the effectively and cost-efficiently mitigation or remediation of risks that can hinder our organization’s operations or our ability to remain competitive in the market. You also ensure our company’s conformance with regulatory and internal requirements for IT operations, - and other IT/business practices.
What we offer
- Core Responsibility for our Security awareness program
- Proactively identify security gaps and support business/IT stakeholders on their demands
- Support the Project Manager to successfully deliver the assigned projects. Be an active participant in assigned work streams. Provide regular status reporting to Project Manager
- Responsibility for trainings of our internal key stakeholders
What we are looking for
- Ability to identify problems, collect data, establish facts and draw valid conclusions
- Strong communication (both written and verbal)
- Ability to travel, domestic or international
- Fluent English (verbal and written)
- Advanced experience with standards work in security, such as ISO 2700x, ISO27031/BS25999; PCI DSS, COBIT, COSO, OWASP; HIPPA etc.
- Industry recognized certification (CISA; PCI QSA / ISA; CGEIT; CRISC etc.)
- Ideally certified as CISSP, CISM, TISP
- Four-year college or university degree with focus on Information Security or related areas, or equivalent combination of education and experience
- Minimum of 3+ years of progressive work experience in the field of IT Compliance, Security and Governance