The Role
Deputy CISO is responsible for assisting CISO in implementation of Information Security Strategy and Information Security Program for Bank. Deputy - CISO would assume more tactical and operational role for managing day to day operations of ISO and stand in for CISO in officiating capacity during his absence.
Processes Managed
a. Manage and mentor ISO team.
b. Extend support to CISO on security governance
c. Development, maintenance, communication, and distribution of information security policies.
d. Planning & organization of ISO resources.
e. Collaborate with business heads/business managers & IT function heads/managers and security liaisons on information security issues.
f. Supervision of security management functions as directed by CISO.
g. Facilitation and coordination of internal and external audits
h. Maintenance of Information Security Management System (ISMS)
i. Extend support to other group companies on information security related issues.
j. Vendor Management
Duties and Responsibilities
a. Identify, deploy and develop within ISO team
b. Conduct performance appraisals for ISO team for CISO’s review
c. Handle day to day security operations
d. Escalate issues to CISO that require higher level decision making
e. Keep CISO informed about general performance of ISO department
f. Review and approve internal ISO requests such system access or for internal ISO process related requests
a. Ensure that ISO staff are trained as per their job role.
b. Conduct vendor reviews and SLAs.
c. Manage and improve ISMS in-line with ISO 27001 standard.
d. Preparing ISO reports for CISO review.
e. Develop and maintain department capabilities as per security program requirements
f. Development of information security policies and procedures
g. Handling exception to information security policies and standards
h. Coordinating response and closure of audit findings.
i. Advise security administration staff on normal and exception processing of security authorization requests.
j. Help resource owners and IS staff to understand and respond to security audit failures reported by internal and external auditing departments.
k. Work with resource owners in business units to determine appropriate security policies for securable resources.
Requirements
Knowledge Skills and Abilities
• Strong business acumen and a solid foundation in information technology,
including change management and project management experience.
• Ability to establish and maintain effective working relationships with City
officials, State and Federal officials, departmental managers and community,
business and related public groups. Successfully work with policy level decision
makers with varying levels of understanding of technical issues, including
legislators, department directors, and private sector business executives.
• Ability to apply innovative thinking in conjunction with a technical understanding
of emerging technologies to address needs and problems of providing services to
governments and/or large organizations.
• Ability to communicate effectively, both orally and in writing. The ability to
speak and testify effectively before governmental and legal bodies and
commissions, the media and community and business groups.
• Assess and solve complex problems; devise methodologies and solutions; perform analyses; relate relevant information about hardware and software operations, data management and analysis in management applications and interactions; and interpret results.
• Ability to review and modify business processes to meet the ever changing needs of a complex and dynamic environment.
• Proven ability to produce reports and papers on policies, advocating appropriate
initiatives to governments, partners and related organizations.
• Demonstrated experience in providing leadership to support a clear IT vision and
the ability to execute decisions.
• Knowledge and experience in the principles and practices of systems analysis,
computer programming, computer operations, and a wide variety of electronic
data processing equipment, IT hardware and software applications to support an
emerging IT department.
• Knowledge of the principles, practices and procedures of management and
administration.
Desirable Education and Experience
• A bachelor’s degree from an accredited college or university and five years of
increasingly responsible management experience in Information Technology, Information
• Management Systems, Computer Science, Project Management, Geospatial Management, and/or related technical degrees or coursework. An equivalent combination of education and/or experience may be acceptable.
• Master’s Degree and experience in public sector is a plus.
Contact:
Bespoke Professionals
P.O.Box 82204,
Kingdom of Bahrain
Tel. +973 770 455 02
Tel. +973 770 455 03
info@bespokeprofessionals.com
Deputy CISO is responsible for assisting CISO in implementation of Information Security Strategy and Information Security Program for Bank. Deputy - CISO would assume more tactical and operational role for managing day to day operations of ISO and stand in for CISO in officiating capacity during his absence.
Processes Managed
a. Manage and mentor ISO team.
b. Extend support to CISO on security governance
c. Development, maintenance, communication, and distribution of information security policies.
d. Planning & organization of ISO resources.
e. Collaborate with business heads/business managers & IT function heads/managers and security liaisons on information security issues.
f. Supervision of security management functions as directed by CISO.
g. Facilitation and coordination of internal and external audits
h. Maintenance of Information Security Management System (ISMS)
i. Extend support to other group companies on information security related issues.
j. Vendor Management
Duties and Responsibilities
a. Identify, deploy and develop within ISO team
b. Conduct performance appraisals for ISO team for CISO’s review
c. Handle day to day security operations
d. Escalate issues to CISO that require higher level decision making
e. Keep CISO informed about general performance of ISO department
f. Review and approve internal ISO requests such system access or for internal ISO process related requests
a. Ensure that ISO staff are trained as per their job role.
b. Conduct vendor reviews and SLAs.
c. Manage and improve ISMS in-line with ISO 27001 standard.
d. Preparing ISO reports for CISO review.
e. Develop and maintain department capabilities as per security program requirements
f. Development of information security policies and procedures
g. Handling exception to information security policies and standards
h. Coordinating response and closure of audit findings.
i. Advise security administration staff on normal and exception processing of security authorization requests.
j. Help resource owners and IS staff to understand and respond to security audit failures reported by internal and external auditing departments.
k. Work with resource owners in business units to determine appropriate security policies for securable resources.
Requirements
Knowledge Skills and Abilities
• Strong business acumen and a solid foundation in information technology,
including change management and project management experience.
• Ability to establish and maintain effective working relationships with City
officials, State and Federal officials, departmental managers and community,
business and related public groups. Successfully work with policy level decision
makers with varying levels of understanding of technical issues, including
legislators, department directors, and private sector business executives.
• Ability to apply innovative thinking in conjunction with a technical understanding
of emerging technologies to address needs and problems of providing services to
governments and/or large organizations.
• Ability to communicate effectively, both orally and in writing. The ability to
speak and testify effectively before governmental and legal bodies and
commissions, the media and community and business groups.
• Assess and solve complex problems; devise methodologies and solutions; perform analyses; relate relevant information about hardware and software operations, data management and analysis in management applications and interactions; and interpret results.
• Ability to review and modify business processes to meet the ever changing needs of a complex and dynamic environment.
• Proven ability to produce reports and papers on policies, advocating appropriate
initiatives to governments, partners and related organizations.
• Demonstrated experience in providing leadership to support a clear IT vision and
the ability to execute decisions.
• Knowledge and experience in the principles and practices of systems analysis,
computer programming, computer operations, and a wide variety of electronic
data processing equipment, IT hardware and software applications to support an
emerging IT department.
• Knowledge of the principles, practices and procedures of management and
administration.
Desirable Education and Experience
• A bachelor’s degree from an accredited college or university and five years of
increasingly responsible management experience in Information Technology, Information
• Management Systems, Computer Science, Project Management, Geospatial Management, and/or related technical degrees or coursework. An equivalent combination of education and/or experience may be acceptable.
• Master’s Degree and experience in public sector is a plus.
Contact:
Bespoke Professionals
P.O.Box 82204,
Kingdom of Bahrain
Tel. +973 770 455 02
Tel. +973 770 455 03
info@bespokeprofessionals.com