Description
This position will work alongside the current Network/infrastructure teams to define Information Security requirements, for a range of developments of security infrastructure and capabilities.
* Managing and conducting supplier risk assessments including report output and recommendations.
* Reviewing proposed additions or changes to infrastructure that impact security or compliance.
* Advising & supporting management on Compliance and Security issues.. Assisting with ensuring that CIO as a reporting entity meets appropriate security standards in line with requirements set out by Sarbanes Oxley Legislation (conducting SOX IT control procedures).
* Assisting in remedial action taken as a result of failures from a security or governance perspective
* Providing guidance and support to Affiliates on IT security or governance related topics, where necessary.
* Producing monthly & quarterly progress/status reports.
* Assisting with incident management and investigation.
* Liaising with external vendors to ensure products meet baseline security requirements as defined by policy.
Business experience:
Three years solid experience in a role of this type
* Extensive understanding of Information security management best practices, including knowledge of policies and standards (ISO27001 and BS7799)
* An in depth knowledge of network security management technologies including Firewalls, Cisco, Databases, Unix, Windows and Middleware.
* Must have the ability to coordinate and manage a number of IT Security related projects.
* Must be capable of providing easy to understand documentation and training materials supporting the security infrastructure and associated security capabilities skills in vendor risk assessment and assurance