11 Mar. 2023

Information Security Officer

Job description

The key role of the Information Security Officer is to deliver specific, high-added-value information security and to implement ISO 27001-compliant information security policies, controls and processes.

Main responsibilities include, but are not limited to:

Security Policy Monitoring & Review

  • Implement appropriate group-wide security policies (incl. technical).
  • Monitor the effectiveness of action plans in addressing information risks.
  • Prepare information security performance reports based on results from analysis and correlation of information security events.
  • Recommend suitable enhancements to improve information security performance.
  • Review security policies, standards and procedures by considering the threats identified and other information collected.

Security Statistics & Dashboard

  • Support the collection of risk (reporting) content for various operational and senior-leadership meetings, briefings and dashboards.
  • Work with teams to implement automation for risk reporting and metrics collection.
  • Assist in the design of risk dashboards to be shared at the executive, operational, and tactical levels.

Information Security Management & Governance

  • Implement global ISO 27001:2022 Management System
  • Defines, deploys and controls the management of information systems and services and data in line with the business imperatives.
  • Takes into account all internal and external parameters such as legislation and industry standard compliance to influence risk management and resource deployment to achieve balanced business benefit.
  • Deploys and manages the operational and specialist (e.g. forensics, threat intelligence and intrusion detection) resources needed to ensure the capacity to manage security incidents, and makes recommendations for the continuous improvement of security policy and strategy.

Risk Management

  • Implements the management of risk across information systems through the application of the enterprise defined risk management policy and procedure.
  • Assesses risk to the organization's business, including web, cloud and mobile resources.
  • Documents potential risk and containment plans.

Training and awareness

  • Develop group-wide information security-related education and training programs to influence the culture and behaviour of staff.
  • Train staff and promote awareness of policies and standards.
  • Liaise with other company functions to facilitate security awareness.

Requirements

Your Profile:

  • You have a Master’s or Bachelor’s degree (Informatics, Economics, Engineering or equivalent)

  • You have a minimum of 5 years' experience in a similar function, or at least in a responsible function in the IT security area.

  • Certifications in the areas of IT Security Governance (CISM), data privacy (IAPP) and Project Management (PMP, Prince2) are an asset

  • Knowledge of ITIL, COBIT, ISO 27001 Information security or other control frameworks.

  • You have the skill to balance data protection and business objectives.

  • Experience as an ISO 27001 lead implementer or auditor

  • You can reach a consensus about the correct IT security level with acceptable risk

  • Comfortable working without routine supervision

  • You speak fluent English (Dutch, Spanish, Portuguese are considered an asset)

Location

Merksem (Antwerp(en))
