Senior Information Security Officer
Salary: Up to €120k
Support the CISO in delivering the information security service for the company and its entities for the protection of enterprise information assets. Duties will include monitoring compliance with information security policies, managing information security incidents and championing standards across the Group.
The scope of responsibility will encompass communications, applications, and infrastructure, including the policies and procedures which apply. The position requires an experienced security and risk practitioner with exceptional business acumen and technical knowledge and an ability to operate in a fast-paced, dynamic environment.
Reporting to the CISO, the position is responsible for managing our information security and risk and compliance practices, leading the development and execution of information security strategies, implementing technical solutions, and acting as the security and IT risk subject matter expert.
- Develop, review, and approve security policies, controls, and cyber incident response planning, ensuring these can be adopted within the local entities with limited localisation.
- Maintain a current understanding of the security threat landscape for Financial Services and the Insurance industry, ensuring any changes are appropriately and effectively communicated to management.
- Maintain an understanding of changing laws and regulations which may impact the Group.
- Ensure that the development, testing and implementation of appropriate security plans, products and control techniques are used to drive improvements in the Group's security posture and risk exposure.
- Review, define and monitor key metrics to track the company's compliance with information security policies and its risk position, using these metrics to drive improvements and enforce compliance.
- Develop and manage a Group dashboard for senior management which effectively depicts the company's security position.
Personal Capabilities Required
- Well-versed in related concepts of risk management, portfolio management, finance, actuarial sciences, and operations.
- Very good interpersonal and communication skills, with the ability to influence in an international context.
- Excellent organisation and planning skills, with the ability to analyse and solve problems, often involving cross-functional teams that exist only for the lifetime of a specific problem.
- Must be comfortable with agile concepts and approaches for technology delivery.
- High levels of commitment and energy combined with the ability to lead people, and the ability to influence outcomes.
- Collaborative and facilitative, with the ability to partner with multiple stakeholders.
- 5+ years of relevant experience required at a senior level within an IT Enterprise Organisation with proven knowledge of security architecture design, network security, mobile security, vulnerability management, and threat intelligence/analysis.
- Prior extensive and demonstrable experience in a senior-level role within Financial Services with significant compliance and risk exposure.
- Degree in Information Systems, Computer Science, Cybersecurity, Computer Engineering, or related discipline.
- Can demonstrate a deep knowledge of security policies, regulations, and compliance issues.
- Strong ability to translate complex IT and security challenges and issues into business risks.
- Knowledge of common information security management frameworks, such as ISO 27001, COBIT, NIST or PCI DSS.