For our end-user client we are looking for an experienced Sr. Global security officer.
Start date: ASAP
Duration: 6+ months
– You are responsible for implementing and maintaining a global Information Technology Security strategy that is aligned with the strategic needs of the business and in accordance with governmental regulations.
– In this role you will define and deploy standard Information Technology Security Governance and Risk processes and policies globally. This includes, but is not limited to, policies related to devices, data, security systems audits and controls.
– You will assess the compliance of the company against standards such as ISO27001 or similar and follow up on the findings.
– Reporting on security findings and risks is done on a regular basis to IT and business management and you will be the owner of IT Security tools that are in use or will be deployed.
– You will closely collaborate with business partners, (technical) security teams, legal and board of management. The Global IT Security Analyst will report to you.
Role & responsibilities:
–Define and deploy a global Information Technology Security strategy (IT Risk & Security roadmap) that is aligned with the strategic needs of the business and in accordance with governmental regulations such as the EU GDPR requirements and standards
–Define, deploy and maintain the Global Security Governance and policies
–Define and develop a roadmap of improvements to resolve any identified vulnerabilities
–Define, align and deploy policies and procedures related to managing IT Security threats and incidents, including Security Incident response procedures
–Collaborate closely with (technical) security teams and legal to form an end-to-end security governance process
–Implement a program of Information Security education and awareness across the company and with strategic partners. Train IT staff on security related topics
–Assess and report security awareness on a regular basis to IT management and compliance officer. Reporting of security breaches (contractual and/or legally required) will be done by the Legal Department
–Assist with audits and other external assessments, collaborating with peer and cross-functional stakeholders to ensure continual due diligence on audit-related controls and topics
–Work with project teams and application managers to evaluate and review project and change efforts from the perspective of IT Security
–Maintain contact with external vendors, suppliers and expertise partners, including governmental offices related to cyber security.
–Service owner of Business Service “Risk & Security” and manage projects in this Service
–Creates and reviews with management Threat/risk analysis in the area of cyber security. Reports on information security metrics (dashboard)
–Approves project requests from the IT project portfolios (Project charters) with regard to information security and data protection
–Up to date Information Security strategy and roadmap
–Produces the Security dashboard and monthly reporting to IT, compliance officer and Board
– Prompt follow up on Information Security Incidents
Experience & skills required:
–Bachelor's degree (BA) from a four-year college or university and a minimum of 5 years of hands-on systems and network administrator experience.
–Aware of Laws and regulations in regard to Information Security
–CISSP or related security certification is a pre
–Ability to define problems, collect data, establish facts and draw valid conclusions.
–Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables
–Strong communication skills, consensus and influencing skills are key
–Ability to read, analyze and interpret general business periodicals, professional journals, technical procedures or governmental regulations
–Ability to write reports, business correspondence and procedure manuals.
–Ability to effectively present information and respond to questions from groups of managers, clients, customers and the general public.
–Ability to solve highly complex problems and be able to make compelling and persuasive presentations to win approval for recommendations
–Ability to develop reports, graphs and other means to analyze data
–Communication and influencing, able to work with senior management
–(direct report) Sr. Director Global IT / (functional report) Compliance Officer
–Management of small team on operational and service development tasks
–Ability to find the right balance between workability and security based on a solid risk assessment.
–Must be a dynamic and self-starting individual who is able to work independently or as part of a team with minimal guidance and direction
–Strong analytical, organizational and critical thinking skills
–Gives advice both solicited and unsolicited
Language skills required:
English speaking and writing at business level.
Michel Koning 06-34657362