ICT Security Manager, CEH, CISM, CISSP, CISA
Posted on Oct 5, 2019 by Eximius Group Limited
My client, an industry-leading European consultancy, is in search of an ICT Security Manager.
- Perform a business impact assessment to identify the IT security needs based on the required levels of confidentiality, integrity and availability of the IT system. Security measures shall be selected to mitigate identified risks, be aligned with the business needs of the IT system and comply with rules and legislation,
- Draw up security plans that shall contain the key output of the IT risk management process, in particular, the IT security needs, IT security measures and selection rationale, residual risks, risk acceptance criteria and exceptions with a timespan of their validity,
- Consult/assist on the implementation of the operational IT security measures identified for the IT system in the IT security plan,
- Consult/assist for the specification of IT security requirements,
- Consult/assist that the design, installation and implementation of the system are in accordance with the IT security requirements of the IT system and the IT security standards,
- When an IT system is acquired from a third party (Commercial Off-The-Shelf), assess the functionality and security of the system against the IT security requirements,
- Support the specification of IT security requirements, the definition of IT security architecture, and the implementation and verification of security measures during an IT project,
- Ensure good quality by performing code reviews and security tests/audits of applications prior to their deployment in production or for applications already in production,
- Manage security tests,
- Participate in meetings (on site or over videoconferencing) if requested.
- Good knowledge of information systems security,
- Good knowledge of IT security standards,
- Knowledge of security management methodologies and tools,
- Good experience with quality procedures,
- Capacity in preparing and writing studies,
- Certification, e.g. CEH, CISM, CISSP, CISA or equivalent,
- Capability to speak to and interface with business and technical audiences,
- Good redaction skills,
- Ability to apply high quality standards,
- Ability to participate in multi-lingual meetings, good communication skills.