CHIEF INFORMATION SECURITY OFFICER (CISO)
Number
32119784
Date
29/06/2022 04:01:56
Company
OGS
Education level
Master
Description
A senior-level executive responsible for developing and implementing an information security program, which includes procedures and policies designed to protect enterprise communications, systems and assets from both internal and external threats.
Job Responsibilities :
Responding to data breaches and other security incidents.
Anticipating, assessing and actively managing new and emerging threats.
Developing, implementing and maintaining security processes within departments - especially IS / IT (e.g. automated or manual security checks for delivered production code for products and services).
Working with other executives across different departments to align security initiatives with broader business objectives and mitigate the risks various security threats pose to the organization's mission and goals.
Establish and revise the information security strategy, policy and standards for change management and control with input from interest groups and subsidiaries.
Facilitate and coordinate the necessary countermeasures to change management and control initiatives and evaluate such policies and standards.
Establish the security requirements for change management and control directives and approval of the change management and control standards and change control/version control products.
Co-ordinate the overall communication and awareness strategy for change management.
Establish and co-ordinate appropriate interest group forums to represent, feedback, implement and monitor change management and control initiatives.
Co-ordinate the implementation of new or additional security controls for change management.
Acknowledge the change impact assessments.
Working as an internal and external security expert.
Becoming a trusted business advisor, a teacher, mentor and a colleague in other departments related to the position responsibilities.
Establishing a security focus team as required.
Maintaining a secure environment like PCI-DSS.
Implementing position-related projects like SIEM by directly coordinating the assigned team and/or specialists through the project management and delivery process.
Conducting and/or coordinating security audits internally and externally.
Activities :
Analysis of standards, legal acts and other documents establishing cyber and data security standards adopted by the Republic of Lithuania, the EU and other international organizations.
Ensuring compliance with established cyber and data security requirements.
Identification, analysis and assessment of risks arising from data processing and information security.
Identifying, assessing and proposing improvements to missing cyber and data security capabilities.
Gathering information on cyber and data security and analyzing cyber and data security threats.
Participation in the development of cyber and data security capabilities.
Preparation of company policies, information security issues.
Advising the employees of the institution on GDPR issues.
Monitoring and enforcing compliance with GDPR requirements in the institution.
Cooperation with the supervisory authority in the field of personal data protection.
Submission of quarterly reports to the Head of the Institution.
Execution of other work assigned by the immediate supervisor.
Implementing direct duties in accordance with the requirements of applicable legal acts, the procedures of the Institution, and other internal acts regulating the performance of the employee's functions and duties.
Working as a part of the Information Systems Department on security-related projects as a Product Owner.
Implementing security-related processes within other departments.
Hiring security personnel as required.
Creating periodic reports on the company's security situation.
Assisting the company as a main contact for external audits like PCI-DSS certification.
Would be considered a benefit :
A degree in a related field such as Computer Science, IT, or Cyber-Security;
Certification in one or more of the following: GIAC, CISSP, CISM, CCSE, CISA, HBSS, NSA, CEH, Cisco Security, Security+, or other comparable security certifications or acknowledged courses;
Commercial experience in financial services or fintechs.
What we offer :
excellent work conditions – flexible working hours under the hybrid working model;
continued growth and professional development;
a friendly and supportive international team;
workcations and team-building activities.