Job Opportunity: Information Security Officer
Are you an experienced Information Security professional ready to take on a dynamic role within a fast-paced, highly regulated financial institution? We are seeking a dedicated and skilled Information Security Officer to drive security strategies, manage risk, and lead our organisation's information security initiatives.
As the Information Security Officer, you will report directly to senior leadership and play a critical role in ensuring the confidentiality, integrity, and availability of the organisation's information assets. You will lead the development, implementation, and maintenance of security frameworks and policies while ensuring compliance with regulatory and industry standards.
Key Responsibilities
- Strategic Collaboration: Work closely with IT and business units to integrate security measures into operational processes and provide expert advice on security-related matters.
- Project Oversight: Oversee second-line security risk assessments for new products, systems, and significant business changes.
- Policy Development: Assist in developing and maintaining robust information security policies, standards, and procedures, and ensure they are effectively communicated across the organisation.
- Awareness & Training: Design and deliver security awareness programmes to foster a strong security culture within the organisation.
- Compliance & Reporting: Coordinate with stakeholders to ensure adherence to internal and external regulatory requirements and present security updates to the Information Security Management System (ISMS).
- Incident Management: Lead the response to security incidents and collaborate with internal teams and external partners to manage threats effectively.
- Cloud Security: Define and implement security controls for cloud-based solutions in collaboration with leading providers such as AWS, Azure, and Google.
- Third-Party Security: Manage vendor assessments and mitigate supply chain security risks to ensure the integrity of external partnerships.
- Innovation & Evaluation: Evaluate emerging technologies and conduct proof-of-concept initiatives to enhance the organisation's security posture.
Experience & Skills Required
Work Experience:
- Significant experience in Information Security and Cyber Risk Management within the financial services industry.
- Knowledge of banking products and services, coupled with experience in cross-functional environments.
- Proven ability to assess and communicate Technology and Cyber risks in a clear and concise manner.
- Hands-on experience in developing and implementing security controls for cloud infrastructure and DevOps environments.
- Familiarity with the audit and assurance lifecycle in regulated financial institutions.
Technical Skills:
- Bachelor's degree in Information Technology or a related field.
- 5+ years of experience in Information Security.
- Industry certifications such as CISA, CISM, CISSP, ISO 27001, or equivalent.
- Technology and Cyber Governance Frameworks (ISO 27001, NIST, COBIT).
- Cloud Security Architectures (AWS, Azure, Google).
- Threat and Vulnerability Management.
- Incident Detection and Response.
- Data Governance and Risk Escalation.