Information Risk Consultant (IRM)
Posted on Jan 28, 2020 by IDC Technologies Solutions Ltd
We need profiles with people who have change, marketing and strong communications experience.
We are looking for cyber experience and not just people who have done IT implementations.
The purpose of the IRM Function is to ensure addressing Information Risks in an effective and efficient manner, commensurate with risk appetite, and being seen as an industry leader among peers and key suppliers of security services.
The Information Risk posture of includes a wide variety of potential business impacts, such as HSSE impacts, production loss, financial and maintenance operations loss, loss of Most Confidential data. Each of these Information Risks has a potential impact of $1bln+.
The IRM Function defines requirements for the assessment of Information Risks, defines the selection of mandated IT Controls, and defines and executes assessments of the design and operational effectiveness of these controls. The function organises a communication campaign to impact the behaviour of business and IT staff where it relates to information risks.
In addition to these preventative measures, the IRM Function includes a Cyber Defence function to understand the cyber threat landscape and the vulnerabilities to cyberattacks in IT systems and services, to detect malicious behaviour and to respond to incidents.
Given the Cyber threat landscape and its development, it is critical that the IRM Function collaborates closely with suppliers and industry peers and collaborates effectively with government agencies in key countries that operates in.
Position description - Purpose
This role is responsible for driving the Think Secure communication, change and engage campaign.The role supports staff to effectively know and behave in a manner to protect information assets. The Think Secure Campaign Lead ensures that the right behavior campaigns are started and managed to educate all employess, specific businesses, the Senior Executive Group and IT on security topics required to ensure staff know how to think, act and be secure in how they handle information assets.