Head Of Information Security

Full time @Naga Markets in IT / Software Development

Job Detail

  • Remote Job: No
  • Experience: 8 Years +
  • Academic Level: Bachelor, Masters

Job Description

NAGA is looking to hire a Head Of Information Security.

Purpose of the role:

The Head of Information Security is responsible for establishing the right security and governance practices and enabling a framework for risk-free and scalable business operations in a challenging business landscape.

The Head of Information Security should have a solid background in computers as well as experience working in environments where they will be exposed to various problems, whether they are related to physical security, cybersecurity, or informational issues.

 

Missions:

  • Information security management
  • Identify security protection objectives and parameters based on the company’s strategy, Information Security plan and priorities
  • Actively maintain an ISMS (Information Security Management System) in accordance with international standards
  • Responsible for the active monitoring and enhancement of the various CISO dashboards, other information management tools and other information sources in the CISO world, and for initiating appropriate corrective actions within the organisation
  • Manage the Cyber Security
  • Follow up on the actions defined in the internal and external IT audits within the IT organisation and provide monthly feedback on this to the IT management and internal administration

 

Governance, Policies And Awareness:

  • Responsible for the preparation, approval, communication, compliance and monitoring of the following PSPGs (policies, standards, procedures and guidelines) concerning information security and data protection within the agreed frameworks and legal regulations according to the agreed review cycle
  • Responsible for the implementation and dissemination of a long-term company-wide information security awareness, internal communication and training initiatives to raise awareness of information security and privacy risks among internal and external employees and to teach them best practices
  • Collaborate with Compliance in policy implementation, security policy enforcement and security management

 

Coordination And Management:

  • Responsible for the operational coordination and management of one or more projects and initiatives within the information security department (priorities, budgets, resource planning and projects).
  • Within the Cyber Security and Information Security office, liaise with other departments such as IT, Dealing, Operations and Compliance including Data Protection in terms of priorities
  • Work closely with the IT PMO to align with existing IT project processes

 

Reporting:

  • Prepare quarterly reports on Information Security areas for the Board
  • Responsible for the drafting, preparation and follow-up of progress reports (progress, budget, resources, planning, project models) on these initiatives at senior management level
  • Responsible for drafting, preparing and following up reports on the findings of the safety scoreboards

 

Knowledge Development:

  • Keep abreast of new developments in Information Security areas and examine how these can be applied within the customer base
  • Keep abreast of new security threats and market developments
  • Continuously attend training courses, seminars, etc.

 

Problem solving:

  • Translate the Information Security strategic plan into objectives, measures and actions
  • Ability to execute several projects in parallel
  • Ability to draft and implement frameworks, procedures, policies, standards, awareness programmes, etc.
  • Analysing security incidents and being able to provide solutions
  • Carry out a proper risk assessment
  • Giving and preparing presentations to senior management and the Board
  • Be able to keep your knowledge up to date in a rapidly changing field (trends, technology, …)
  • Deal with queries, complaints and incidents
  • Bound by the information security policy, vision and plan, ISO2700x, applicable legislation (GDPR, NKI, NIS, …) and international standards
  • Weekly contact with the different IT departments for the coordination and direction of the following information security project activities
  • Direct contact with the Data Protection Officer and Risk Manager to exchange audit results and IT compliance violations
  • Targeted liaison with the HR & Marketing department for the implementation of the Information Security awareness programme

 

External contacts:

  • Monthly contact with security liaisons, internal audit, enterprise risk
  • Targeted contacts with IT outsourcing partners regarding incidents, monitoring and coordination of outsourcing activities
  • Targeted contacts with external auditors for supervision of external audits or discussion of audit findings and/or follow-up

 

Requirements:

  • Engineering and/or Master’s level knowledge or equivalent through experience
  • 10+ years of relevant work experience in managing IT infrastructure and/or Systems Development, preferably in a brokerage firm
  • In-depth knowledge of ISO2700x, PCI
  • Knowledge of security architecture and controls
  • Knowledge of IT processes and technologies
  • Excellent knowledge of brokerage firm environment

 

NAGA Benefits

  • An attractive remuneration package based on experience and qualifications
  • Excellent working environment with opportunities for personal and professional development
  • Medical insurance coverage after 6 months of employment
  • Training and career development
