Senior Security Systems Manager - IT - Information Security Management - AVP
The Information Security Manager is responsible for Information Security Governance, Risk and Compliance. The role will ensure that the group-wide information security management system is operating effectively to manage risk within the defined appetite. The role will be tasked with addressing the unique business objectives against the inherent security threat and risk profile applicable to critical national infrastructure.
- Develop a security governance function, including facilitation of the Information Security Committee.
- Lead refresh of annual Policies, Standards, Information Security Strategy and Roadmaps.
- Develop and manage Information Security compliance function.
- Maintain Information Security policies and controls, based on industry standards and best practices which incorporate all applicable legislative and regulatory requirements.
- Work closely with IT management and other IT teams to ensure effective security design and operation of both business and technical controls.
- Develop and maintain an Information Security dashboard and metrics that provide an accurate representation of the information security risk profile and relevant cyber threats.
- Provide effective response and support to compliance or regulatory exercises.
- Coordinate and oversee timely completion of internal and external audits and control assurance findings.
- Ensure Information and Cyber Security risks are logged, identified and reported regularly to the Information Security Committee and Group Technology Risk Management.
- Build a security culture within IT by providing guidance, awareness and advocacy of Information Security.
- Work closely with the Risk, Legal and Compliance teams to handle high-profile breaches and incidents. Help identify effective responses following the Security Incident Response Process.