Information Security Officer

Reporting To: General Manager (Operations, Legal & Compliance)

Overall Purpose of Job: To manage the design, development, implementation, operation and maintenance of information security programs which protect information and maintenance of information assets and technology of the Company. 

Main Duties and Responsibilities:

• Design, develop, oversee implementation, monitor a comprehensive and in-depth cyber risk management program;

• Define detailed policies and working procedure for the implementation of cyber defence controls;

• Establish a corporate methodology and advice Senior Management and the Board on cyber defence management;

• Identifying vulnerabilities in client’s current network;

• Lead and coordinate that processes such as penetration and vulnerability tests are conducted by competent and reliable bodies to find any flaws and mitigate risks;

• Monitoring network usage to ensure compliance with information security policies;

• Lead and coordinate on securing our client’s systems against emerging risks such as Cyber Security, GDPR Compliance;

• Integrate and monitor cyber incident response management within the Company;

• Promote cyber threats awareness and provide training on mitigation processes across the Company including employees, suppliers, partners and customers;

• Initiate and execute cyber exercises; 

• Work with the relevant functions (technology and business) within the Company in order to analyse and assess the levels of inherent risk, the respective controls required and the levels of residual risk and exposure to cyber threats;

• Work closely, communicate regularly and suggest solutions to Risk and Compliance members re Security Risks and cyber defence policy;

• Coordinate and liaise with third parties on cyber defence matters;

• Control access permissions, security and privileges;

• Keeping up to date with developments in ICT and information security standards and threats by continuously following training leading to professional information security certification;

• Operate effectively and with minimal supervision with a high degree of accuracy;

• Handle concurrent tasks with appropriate priority;

• Help ICT Manager and Platform Administrator on database upgrades, on-premise and cloud infrastructure especially security aspects;
  
  
  

Qualifications/Skills

•              Degree in computer science or a technology-related field.

•              Professional information security certification.

•              Experience in an information security role.

•              Solid knowledge of various information security frameworks.

•              Excellent problem-solving and analytical skills.

•              Ability to educate a non-technical audience about various security measures.

•              Effective verbal and written communication skills.