Chief Information Security Officer
Responsible for the organisation's entire security posture, to oversee and coordinate security function of the organisation, including the overall security strategy and security architecture development
Description:
Identifies security goals, objectives and metrics consistent with corporate strategic plan
Develops and maintains information security strategies
Sets and manages the development and implementation of security policy, standards, guidelines and procedures
Ensures security issues are met with timely and appropriate responses to minimize their impact(s) on business processes
Advises top management on information security and assurance issues
Establishes an information security and risk management functional capability and framework across the organization
Manages the design, implementation, operation and maintenance of Information Security Management System (such as ISO/IEC 27001, ISO/IEC 22301 series standards)
Collaborates with other business representatives to facilitate a standardized approach and governance structure to information security and risk
Ensures ongoing analysis of information security threats, trends and vulnerabilities
Oversees the execution of approved information security projects
Ensures that strategic information security and risk guidance provided to third-party suppliers is in accordance with internal frameworks
Monitors, manages and deploys security controls as appropriate to support business needs while minimizing risk
Ensures proper management and analysis of security information and events
Works with other executives to prioritize security initiatives
Postgraduate degree in Information Security/Computer Security/Information Technology
Information Security Certifications e.g. Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)
At least 10 years of experience in Information Security and at least 2 years of experience at a managerial position
Interpersonal Relationship
-Listens actively, respects others and takes into account different points of view and integrates them
-Proactively resolves interpersonal or personal matters that could affect performance
-Demonstrates an understanding of the roles and responsibilities of team members and balances own needs and those of the team or organisation
-Develops and maintains effective relationships
-Takes responsibility for ensuring effective collaboration and takes necessary measures to enforce them
Initiative
-Is aware of goals, processes and performance standards of the team
-Demonstrates a behavior based on action, sets priorities and uses time effectively
-Works independently and proposes solutions according to the requirements
-Manages work activities according to the changing priorities of the organisation
-Welcomes new or different solutions and approaches and maintains a positive and constructive attitude towards change, setbacks or stressful situations
-Adopts changes, identifies warnings (i.e. trends, potential problems) and notifies those involved
Commitment and Collaboration
-Shares information in general while respecting the applicable procedures
-Adjusts own approach and communication according to the audience and the circumstances
-Promotes excellence and recognizes the contribution and the success of others
-Consults colleagues, partners, customers, users and other stakeholders and acts accordingly in response to their concerns
-Adopts changes, identifies warning signals (i.e. trends, potential problems) and notifies those involved
-Organises work, from the level of task planning to implementation, ensuring overall efficiency
Analysis and Innovation
-Plans and adjusts work based on a thorough knowledge of the requirements of the position and seeks clarification and guidance, whenever required
-Establishes a global perspective from information gathered from various sources
-Exercises a sound judgment and ensures to have all relevant facts before making a decision
-Has the ability to step back and review the approach
-Is able to translate general direction and guidance into concrete work activities
-Brings improvements based on solutions, approaches, products or innovative services
-Communicates effectively and makes thoughtful recommendations to the management
Values and Ethics
-Demonstrates a sense of values and ethics personally and professionally
-Discusses internal concerns with superiors or colleagues and, if necessary, uses appropriate mechanisms to seek advice or to disclose a misconduct
-Actively contributes to the well-being at the workplace and in the building of a safe, healthy and respectful work environment
Leadership
-Gives clear direction and instruction. Builds others’ confidence, making them feel better equipped to do their jobs
-Supports team development. Gives others opportunities to practice new skills and capabilities, and provides or arranges coaching. Works to provide a supportive environment by securing necessary resources and removing blocks to effective working
-Is a role model for effective leadership. Sets a strong example through own behaviour. Gives timely and specific feedback on what has been done well and where there is room for improvement. Helps individuals think through issues for themselves
-Communicates and gains team commitment to achieve a shared vision. Inspires and empowers others to overcome difficulties and achieve goals. Nurtures strong team identity and pride
Other Competencies
-Good level of both written and spoken English and French
-Working knowledge of IT laws and networks with relevant security agencies
-Assertive, rigorous and disciplined
-Strategic thinking, decision making
-Customer focus
-Quality and improvement focus
-Leadership and resilience
-Ownership and achievement focus