Beschreibung
We are looking for an Information Security Services ManagerIndustry: Leading International Organisation
Contract opportunity of 3 months – with possible chance of extension
Location: Geneva area, Switzerland
Our contacts within the company take into account our applications as a priority.
We are looking for an Information Security Services Manager on behalf of a leading International Organisation based in Geneva area.
The goal of the department concerned is to confirm that customer’s information security is managed and information assets/technologies are adequately protected.
Main Responsibilities
• Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program to ensure that the integrity, confidentiality and availability of information is managed and controlled by the client organization. Facilitate information security governance through the implementation of a governance program, including an information security steering committee or advisory board.
• Develop, maintain and publish up-to-date information security policies, standards and guidelines. Oversee the approval, training, and dissemination of security policies and practices.
• Create, communicate and implement a process for risk management, including the assessment and treatment of identified risks. Work directly with business units and stakeholders throughout the organization on identifying acceptable levels of residual risk.
• Report and oversee treatment efforts.
• Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the security.
• Provide regular reporting on the current status of the information security program to senior management and business units as part of a strategic enterprise risk management program.
• Create and manage information security and risk management awareness training programs for all employees, contractors and approved system users.
• Develop and enhance an information security management framework based on the ISO 27000 standards. Create a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection.
• Coordinate information security and risk management projects with resources from the IT organization and business unit teams. Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls.
• Ensure that security programs are in compliance with relevant rules, regulations, policies and standards to minimize or eliminate risks and audit findings.
• Manage security incidents and events to protect corporate IT assets, including intellectual property, sensitive data and the organization????s reputation.
o Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action.
o Develop and oversee effective disaster recovery policies and standards to align with enterprise business continuity management program goals. Coordinate the development of implementation plans and procedures to ensure that business-critical services are recovered in the event of a security event. Provide direction, support and in-house consulting in these areas.
o Liaise among external and internal stakeholders, including audit, legal and HR management teams as required, to ensure that the organization maintains an appropriate security posture.
Your Profile
Requirements:
• Sound knowledge of information security technologies.
• Ability to understand technical and business aspects of IT risk, and to communicate those risks to management, business and technical units so that the organization can make informed decisions regarding appropriate levels of information security control.
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT, etc.
• Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or other similar credentials.
Experience:
• Employment history must demonstrate progressive levels of responsibility.
• Experience in developing information security policies and procedures, as well as successfully executing programs in a dynamic environment
• Consulting experience
The resource should have following soft skills:
• Fluent in English, French is a plus.
• Excellent written and verbal communication skills, interpersonal and collaborative skills.
• High degree of initiative, dependability and ability to work with little supervision.
• High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity.
• Ability to deliver quality results.
If you are interested, please send your CV to Charlotte Curtelin, Recruitment Responsible:
Hadron Finsys GmbH
Gewerbestrasse 6
6330 Cham, Switzerland