Description
Information Security Manager
6-12 Month Daily Rate Contract
Good Daily rates - Get in touch
Start date is ASAP -
Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program to ensure that the integrity, confidentiality and availability of information is owned, controlled or processed by the organisation.
Facilitate information security governance through the implementation of a hierarchical governance program, including the formation of an information security steering committee and governance board.
Create, communicate and implement a risk-based process for vendor risk management, including the assessment and treatment for risks that may result from partners, consultants and other service providers.
Qualifications
Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials, desirable.
Skills and Knowledge
Overall security knowledge (functional and technical), including risk management methodology, policy, audits, operational security and understanding of legal and compliance topics
Knowledge and understanding of relevant legal and regulatory requirements, such as Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPzA) and Payment Card Industry/Data Security Standard.
Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT and ones from NIST.
Experience
Minimum of 8 years of experience in a combination of risk management, information security and IT jobs. At least four must be in a leadership role. Employment history must demonstrate increasing levels of responsibility.
Proven track record and experience in developing information security policies and procedures, as well as successfully executing information security programs across organisations' different business functions.