To provide relevant expertise in information security and resilience providing expert advice, control and guidance to protect the company from loss, service disruption, prosecution and other damage.
You will be accountable for:
• Providing expertise in relation to information security and resilience by acting as the primary l professional expert and first point of contact within market; acting as a champion and role model for others, providing guidance and advice;
• Implementing the global strategy with contributing to and implementing local strategy, policy, internal control frameworks, procedures, standards and awareness for information security and resilience by working as part of a global group of information security & business continuity experts. You will also execute risk assessments and monitor risk treatment actions as part of market level risk management frameworks relating to information security and BCM;
• Developing and reviewing processes that contributes to the monitoring of compliance to these strategies and policies at a Country-level; including compliance to regulatory requirements. You will also specifically be responsible for reviewing processes and systems for information security and resilience and making recommendations to improve the design, efficiency and / or effectiveness of activities and controls;
• You will support the local Loss Prevention Field Team to resolve issues related information security and resilience;
• You will be the key liaison point with relevant country-specific regulatory and law enforcement agencies for information security and resilience within market; monitor the regulatory changes, propose and monitor of implementation of required changes;
• You will report the detected information security or business continuity incidents; execute investigations into serious incidents of information security or service disruption; propose, follow up and report the progress of recommendations for corrective actions to ensure lessons identified are cascaded in the market;
• You will ensure that all employees are aware of their responsibilities around information security and business continuity by ensuring that all training and induction materials are developed in-line with latest regulations and internal policy and ensuring delivery of these materials by planning and scheduling information security & business continuity awareness, education and training activities for the market - in consultation with HR;
Requirements of the Role
• University Degree;
• Must gain a professional qualification at least one of the followings: CISA / CISM / CISSP / CRISC / SSCP/ (BCI / DRII ) within 12 months of starting the role:
• In depth knowledge of local and international data protection frameworks;
• Knowledge of BCM related legislation, ISO Frameworks and ISO 22301;
• Knowledge of local and international information security frameworks (e.g. ISO27001);
• In-depth knowledge of the markets that we operate in, our competitors and our customers at a global level;
• Understanding of change management processes, tools and techniques:
• Demonstrated ability to, implement, monitor and review the protective and preventative measures required to minimize losses of information or service disruption;
• Negotiating skills – up to and including Directors level, presentation skills – up to and including Board levelThe ability to make professional decisions, under time pressure;
• Well-developed problem solving and analytical ability to determine root causes and identify appropriate corrective actions and plans;
• Ability to plan for over a 1 year period; understanding the organization’s long-term goals and aligning departmental strategy;
• Staying up-to-date on industry trends and implementing best industry practice to maintain the company’s competitive advantage;
• Excellent communication skills, including active listening;
• The ability to spot, select and develop talent.
• Experience in implementing and managing information security and BCM DR against ISO27001 and ISO22301;
• Experience in SIEM/IDS/IPS/DLP/SOC operations;
• Experience in information security investigations into major incidents and producing reports that reveal root causes and recommend corrective actions;
• Compliance monitoring and audit against agreed standards and regulation;
• Experience in delivering presentations and reports to senior stakeholders and leaders;
• Cross-functional working as part of a team of experts and leaders;
• Executing strategy and leading change to deliver that strategy including collaborative working with other functions;
• Experience of working in an international or multi-national organization;
• Delivery of professional development training to other workers.
Proficient in verbal and written business English;
Excellent PC user skills and experience of working with Microsoft Office software (to include PowerPoint, Word, Outlook, Excel);
This role requires frequent travel – both domestically and internationally - and therefore the ability to travel internationally is a requirement of the role.
- A great working environment;
- A nice and flexible team;
- Challenges and opportunities;
- A motivating financial package: 7000/7500 lei net plus bonus plus benefits.