Job description
Security & Risk Officer responsibilities :
Risk:
1. Develop an organization’s cybersecurity risk management strategy
2. Assist asset management team in getting the inventory done right, maintainable, and usable for risk management
3. Identify and assess cybersecurity-related threats and vulnerabilities of ICT systems
4. Identification of threat landscape including attackers’ profiles and estimation of attacks’ potential
5. Assess cybersecurity risks and propose most appropriate risk treatment options, including security controls, risk mitigation and avoidance that best address the organization’s strategy
6. Develop, maintain, report and communicate complete risk management cycle
7. Monitor effectiveness of cybersecurity controls and risk levels
Awareness:
8. Advocate risks management practices with management/business owners.
9. Lead the development/delivery of the cybersecurity curricula and educational material for training and awareness based on content, method, tools and trainees need.
10. Lead the development/delivery of cybersecurity and data protection awareness-raising activities.
General:
11. Contribute to the development of the organization’s cybersecurity strategy, policy and procedures
12. Assist in designing, implementing, auditing and compliance testing activities in order to ensure cybersecurity and privacy compliance
Your profile
13. Excellent leadership and communication skills (pick it up and walk with it)
14. Able to communicate abstract and sometimes technical topics to a business audience
15. Able to work independently and drive change (but know when to escalate when you get stuck)
16. Experience with developing, communicating and enforcing security policies, guidelines and procedures
17. Broad knowledge of security, controls, risk & compliance standards and frameworks e.g. ISO27001, ISO27100, CIS, CSA, NIST, OWASP, etc…
18. Experience with identifying and addressing cyber threats and vulnerabilities in an international and industrial environment
19. Knowledge of cybersecurity-related technologies and controls
20. Knowledge of cybersecurity related laws, regulations and legislations
21. Experience with cybersecurity awareness, education and training program development
Required experience5 years We offer
22. An exciting job in a leading dynamic company with no-nonsense culture
23. New team and strategy within a vast company with lots of possibilities of growth
24. A job with high responsibility and lots of variety
25. An attractive salary package