Develop, implement and monitor a strategic, comprehensive company information security and IT risk management program;
Work directly with the business units to facilitate risk assessment and risk management processes;
Develop and enhance an information security management framework;
Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services;
Provide leadership to the enterprise's information security organization;
Partner with business stakeholders across the company to raise awareness of risk management concerns;
Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems.
Cerințe
Degree in business administration or a technology-related field required;
Professional security management certification: Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM);
Minimum of 3 to 8 years of experience in a combination of risk management, information security and IT jobs;
Experience with Cloud computing/Elastic computing across virtualized environments is an advantage;
Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST;
Experience with contract and vendor negotiations and management including managed services;
Specific experience in Agile (scaled) software development or other best in class development practices;
Excellent written and verbal communication skills and high level of personal integrity;
Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams.