- Experience Needed: More than 3 years
- Career Level: Experienced (Non-Manager)
- Job Type: Full Time
- Education Level: Bachelor's Degree at least
About the Job
- The Information Security Officer (ISO) is accountable for ensuring appropriate controls are in place for the security of information assets.
- The ISO safeguards information by seeing that security risks are identified, assessed and accurately reported. Additionally, the ISO is charged with ensuring local procedures and activities comply with all regulatory requirements and internal policies, procedures, guidelines and standards.
- The ISO is the centre of competence for Information Security, providing an advisory services role and acting as the focal point for security compliance related activities and responsibilities.
Key responsibilities & duties
- Run security audits and risk assessments; direct and participate in the identification of security risks, the development and implementation of security management practices, and the measurement and monitoring of security protection measures
- Lead the development, documentation and maintenance of information security policies, procedures, and standards across the organization’s departments to address all applicable information security requirements
- Developing and implementing business continuity plans to ensure service is continuous when a change programme is introduced or a security breach occurs or in the event that the disaster recovery plan needs to be triggered
- Ensure compliance and governance requirements are met; lead the efforts to comply with PCI-DSS, ISO 27001 and ISO 22301
- Protecting the intellectual property of the organization at all times
- Serve as the focal point for all information security suppliers
Academic or trade qualifications
- Graduation from an accredited college or university with a Bachelor's degree in Business Administration, Information Systems, Computer Science or a closely related field. A Master's degree in a closely related field is desirable.
Work experience and skills
- 3+ years of work experience with at least 1 year in the information security field or similar
- Excellent communication skills – providing verbal and written communication that is outstanding to both direct reports and senior management as well as other stakeholders
- Familiarity with applicable laws and compliance frameworks
- Policy development and administration
- CISM, CISSP or similar certification in information security is preferable.
- Experience in implementing ISO 27001 and/or PCI-DSS is preferable
About this Company
Hammerhead is the parent company to a group of specialised subsidiaries in the technology industry. Our companies deliver innovative solutions to today's most challenging problems.
We work hand in hand with our customers to ensure technology provides them with value and competitive positioning within their markets.