04 Jan
Information Security Officer
Vacancy expired!
- Develop and maintain in depth understanding of business unit processes, systems, technologies, data, customers, consumers, partners
- Become an expert in assigned products including the design, security profile and risks
- Build relationships with business units to deliver security-by-design controls incorporated into projects, architecture, infrastructure and applications.
- Act as a liaison to ensure cybersecurity practices are built into business unit initiatives for the entire lifecycle.
- Work closely with senior leadership to instill cybersecurity policies and practices throughout business units to address security operations, incident response, application security and infrastructure.
- Be actively informed and engaged in security projects across the business.
- Maintain up-to-date knowledge related to security threats, vulnerabilities and mitigations set forth to reduce the attack surface; circulate this knowledge through the business units.
- Ensure business projects are focused on cybersecurity from the beginning.
- Participate and influence Cloud and Native Architecture principles, APIs, as well as appropriate enterprise Data handling practices.
- Provide regular and timely reporting on the status of cyber security across the organization
- Provide escalation path for security issues, incidents and inquiries
- 8+ years in cybersecurity experience (or information technology couple with cybersecurity) or a related field
- Bachelor's degree in computer science or information systems or equivalent experience.
- Experience in guiding all aspects of cyber-security risk including - identification, synthesis, quantification, and remediation strategies.
- Experience working in Agile methodology and a deep understanding of phased approaches to the Software Development Life Cycle
- Working knowledge of:
- Cloud computing architectures and the associated security designs and challenges
- Common DevSecOps processes and technologies and how to effectively harden them
- Data Loss Prevention implementation and ongoing management
- Data management and security principles applicable to financial services and modern architectures.
- Strong presence and ability to engage with leadership regarding security (e.g. Executive Briefings and incident communications). Ability to communicate clearly and effectively with both technology/development and business partners
- Strong relationship, team building and facilitation skills
- Ability to translate technical/security issues to business users
- Proven ability to articulate the why and to enable fact-based decision making.
- Ability to independently influence others to achieve objectives
- Ability to deal with the ambiguity associated with working in a fast paced and changing environment
- Experience working in a matrix model, as the BISO supports operational and transformational efforts for a given region or organizational function
- Certified Information System Security Professional (CISSP) or Certified in Risk and Information Systems Control (CRISC) certifications preferred
Vacancy expired!