· Work closely with the Global Office IT Security & Compliance Manager to ensure that Global Office IT meets security and compliance requirements.
· Work with Global Office IT Domains for Objective evidence collection and Security Compliance Gap Closure, remediation of gaps by domains and KPI reporting to management.
· Proven ability to influence and engage with stakeholders inside and outside Global Office IT to agree appropriate solutions for security and compliance requirements
· ISO 27001 (Lead implementer/ Lead Auditor) certified or experience of implementing ISO 27001 framework.
· Experience with SOX testing and IT General Controls (ITGC) framework.
· IT Auditor (Internal/External) preferable.
· Preferably Certified Information Systems Auditor (CISA) and / or Certified Information Systems Security Professional (CISSP) professional.
· IT Risk assessment, risk management experience.
· Working experience of Cyber Security Compliance (Hardening, Anti-virus, Patching, Vulnerability Management etc..) preferable.
· Exposure to I&AM/UAM controls in an IT environment would be preferred.
· Good knowledge of IT Services (e.g. network, server services, Microsoft Products)
· Working experience of Cyber Security controls (Hardening, Anti-virus, Patching, Vulnerability Management etc..) would be preferable
· University degree or comparable qualification with proven ability for abstract thinking and sound methodological approaches
· + 7 years relevant business experience
· Security Certifications (ISO 27001 Internal Auditor or Lead Implementer) or comparable certifications would be preferable
· ITIL Foundation Certification.
· Highlight accountabilities and KPIs for the requisitioned role, which could include (but not limited to)
· Typical outputs - (Key deliverables & KPIs expected from the role holder)
· Impact on Business - (How would the role holder impact/scale of influence Business decisions – strategic/operational)
· Interfaces with Customers, Suppliers & Third parties - (Internal and external stakeholder interactions expected of this role )
· Leadership & Teamwork - (Leadership Direction and accountabilities towards the Team)
· Innovation & Change - (Expectations from this role in driving innovation and change)
· Engage with Global Office IT domains to drive initiatives to close the security and compliance gaps. · Enforce Security Controls as per applicable standards & Regulations (ISO, GDPR etc.) · Implement, Manage and monitor required controls at platform, application and data structure level · Pro-active monitoring and measuring the compliance towards these controls · Work with Service and Solution owners to collect evidence for the CSB controls. · Maintain repository, document version control for each CSB control for the sign off from Cyber Security. · Publish compliance reports on on monthly/agreed frequency. · Risk assessment and mitigation · Assess data security risks during the design/ build stage of demand related to application/service/server Communication Skills : · Strong communication skills required. · Communicates with enthusiasm & clarity · Follow-up & persuades