Job Purpose: Leads and manages VSO’s overall approach to data security and information protection. Plans, analyses, designs, configures, tests, implements, and maintains VSO’s information security infrastructure responsive to business requirements and applicable regulations.
Job Responsibilities:
Develops and manages VSO’s overall approach to data security and information protection
Align standards, frameworks and security with overall business and technology strategy
Design’s security architecture elements to mitigate threats as they emerge
Audits the collection, use and retention of all personal data within VSO
Ensures all VSO policies around data protection and information security are up to date and fit for purpose
Defines, implements, and maintains corporate security policies
Leads on the identification of data security and information protection risks across the organization and works with stakeholders to develop and implement mitigation plans, escalating issues as appropriate
Acts as a subject matter expert on data security for projects looking to implement new tools, products, or processes.
Supports the Global IT Operations Manager to achieve the highest standards of information security across VSO’s network
Oversees maintenance of systems to protect data from unauthorized users
Develops and maintains process maps, which show how data flows through the organization
Leads and facilitates organizational training and communications around data security and information protection issues.
Oversee incident response planning as well as the investigation of security breaches and assist with disciplinary and legal matters associated with such breaches as necessary.
Implements measures to protect digital files and information systems against unauthorized access, modification, or destruction
Maintains data and monitor security access
Develops strategies to respond to and recover from a security breach
Coordinate’s security plans with outside vendors
Develop or implement tools to assist in detection, prevention, and analysis of security threats
Develops modules and leads on awareness training on information security standards, policies, and best practices
Conducts periodic network scans to find any vulnerability
Other duties commensurate with the post as required.
Knowledge/qualifications:
Degree in Information Technology, Computer Science, Software Engineering, or related field
Knowledge of Information Technology security issues and approaches to manage Information
Technology security.
Knowledge of data protection operations and legislation (GDPR)
Experience:
Experience of identifying risks in data security management processes, developing, and implementing remedial action.
Excellent communication, influencing and stakeholder management skills
Experience of working across teams to deliver solutions and generate high levels of internal buy-in
Excellent project management skills and experience of leading on data security projects across multiple locations.
Experience of developing and delivering training.
Experience of developing and implementing data security policies and protocols.
Experience of working in a culturally diverse environment
Skills/Abilities:
Administering information security software and controls
Analyzing security system logs, security tools, and data
Communicating up, down, and across all levels of the organization
Creating, modifying, and updating Intrusion Detection Systems (IDS)
Creating, modifying, and updating Security Information Event Management (SIEM)
Deep understanding of risk management frameworks
Familiarity with security regulations and standards
Installing firewall and data encryption programs
Maintaining security records of monitoring and incident response activities
Monitoring compliance with information security policies and procedures
Providing timely and relevant security reports
Strong technical background in data loss prevention
Training organizations on security measures
Technical requirements:
Advanced technical knowledge and understanding of: Window OS, Windows Server, O365,
Azure, AD, DHCP, DNS, VPN, Networking, Firewalls, Routers, VMware, Enterprise AV, Cyber
Security, Encryption, Cisco Meraki, DMARC,Endpoint Management
Desirable:
At least one recognized security certification:
Certified Ethical Hacker (CEH)
CompTIA Security+
Certified Information System Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)
Apply via :
al.org
