System Security Engineer - Associate
IAMOPS is looking for Chief Information Security Officer (CISO). In this position, he/she will be responsible for establishing the right information security and governance practices and for enabling a framework for risk-free and scalable business operations in the challenging business landscape
- Develop, implement, and monitor strategic, comprehensive enterprise information security policies and IT/IS risk management program
- Develop and enhance an information security management framework for IAMOPSas well as responsible for our clients and act as their CISO.
- Formulate and Review IS Strategy of the organization and implement information security technologies as required to improve security posture
- Creation and periodic review of InfoSec Policy and Process including DR and BCP process.
- Participate and work with internal IT audit and regulatory audit teams and internally coordinate within IT and various departments to ensure closure of audit points.
- Formulate and work with various committees to ensure the consistent application of policies and standards across all technology projects, systems and services
- Develop and manage the Information Security Awareness Program.
- Provide leadership to the enterprise’s information security organization
- Partner with business stakeholders across the company to raise awareness of risk management concerns
Desired Candidate Profile
- A candidate with 5 years of experience in IT security is preferable.
- Knowledge of common information security management frameworks, such as ISO 27001/HIPAA/HITRUST/SOC2 and NIST.
- Certified in CISA is an added advantage.
- Should possess working experience (i.e., technical hands-on experience) in a cyber/IT audit role.
- Should possess good analytical and critical thinking skills in order to evaluate control adequacy and operating effectiveness
- Certified in cyber/IT security (e.g., CISSP) Preferred.
- Must be able to work independently as well as in a team.
- Experience in handling or conducting IS audits for IAMOPS and for our clients.
- IT Risk assessment experience is a plus.
- Attended ISO 27001 Lead auditor training and have a good working knowledge of IS27001 standard/ PCI DSS compliance and other compliance related to the payments industry.
- Passionate, curious and ready to learn new technologies.
- Willing and able to meet a challenge head-on, solve problems independently and make things happen.
- Interested in working with a global team.
- Open-minded, flexible, and thrive in a highly dynamic, fast-paced, ever-changing environment.