The Information Security Officer is responsible for ensuring that the local business and IT in the 1st line of defence are sufficiently enabled to take well-informed decisions, carefully balancing commercial gains and potential risks.
The client is a key account of Michael Page.
The Information Security Officer role is part of the 2nd line of defence, reports to the Risk Director within the entity and has a functional reporting line to the Head of Corporate Information Risk Management department. You are responsible for:
Support business impact analyses and risk assessments, by guiding them through the process, providing expertise, asking critical questions and challenging decisions or justifications.
Sign off on risk assessments, when agreeing with the scope and quality of the assessments
Create and maintain a security action plan in cooperation with the local 1st line, in order to improve cyber resilience and the overall IT Security levels
Translate global policies and standards to localised procedures (where required)
Advise on local Security solutions in case there is no group Security solution available.
Organise and manage Security awareness campaigns and workshops within the entity
Single point of contact for the Corporate Information Risk Management department
Assess whether vendors meet the contractual information security requirements.
Define Security requirements for local projects
Monitor and register all non-IT related Security matters e.g. theft, integrity, HR.
Perform control testing and report to own local management and Corporate Information Risk Management
Minimum of a Bachelor (HBO) degree
CISSP and CISM accredited, or be able to obtain these within 2 years
At least 5 years of relevant working experience
Fluent in English (spoken and written)
An interim assignment for 6 months (with a chance to extend)