Recruiter: VIVA
Location: Bahrain - Manama
VIVA1278 - Manager - Information Security
Closing Date: 26-Jun-2015
Note: you will be required to attach the following:
1. Resume / CV
2. Passport-size photograph
Location: Bahrain - Manama
VIVA1278 - Manager - Information Security
Closing Date: 26-Jun-2015
Job Objective:
Provide
leadership and strategic direction for the Information Security
Management function and to bring the organization’s information and data
security risks under explicit management control through the
Information Security Management System and the related control
framework.
Key Responsibilities:
Provides
leadership and strategic direction for the function, ranging from
planning and budgeting to motivational and promotional activities
expounding the value of information security.
Assumes responsibility for all aspects of PDCA cycle for the Information Security Management System, as follows: Establishes the Information Security Management System, Implements and operates the ISMS, Monitors and reviews the ISMS, Maintains and improves the ISMS, Manages the resources of the ISMS, Manages the training, awareness and competence about ISMS, Manages the internal ISMS audits and Establishes suitable controls in the ISMS.
Manages Information Management systems to improvement initiatives.
Responsible for ensuring that all managers, process owners and supervisors develop and maintain their part of the process related to information and data security management systems.
Develop the information and data security goals and targets in the Organization’s and Sector’s strategic plan.
Responsible for supporting the development and maintenance of Information Management Systems / Standards.
Leads the design, implementation, operation and maintenance of the Information Security Management System based on the ISO/IEC 27000 series standards, including certification against ISO/IEC 27001 where applicable.
Reporting and Monitoring of the information security management system (including Risk Assessment, Risk Treatment, Info Security KPIs).
Liaises with, provides various stakeholders to develop mediation and corrective action plans to related governance functions throughout the organization as necessary, on information security matters such as routine security activities plus emerging security risks and control technologies.
Leads, performs or commissions information security risk assessments and assess the control environment of the business processes and applications under review, including both manual and automated processes in accordance with the information security program.
Assists both internal and external audits relating to information security as well as performing independent audits to validate completeness and accuracy of the information security program.
Leads or commissions the preparation, authorizes the implementation and revises the necessary information security policies, standards, procedures and guidelines, in conjunction with the appropriate Information Security Body in VIVA.
Leads the development and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies etc. and applicable laws and regulations.
Leads or commissions activities relating to contingency planning, business continuity management and IT disaster recovery in conjunction with relevant functions and third parties.
Leads or commissions suitable information security awareness, training and educational activities and material.
Assumes responsibility for all aspects of PDCA cycle for the Information Security Management System, as follows: Establishes the Information Security Management System, Implements and operates the ISMS, Monitors and reviews the ISMS, Maintains and improves the ISMS, Manages the resources of the ISMS, Manages the training, awareness and competence about ISMS, Manages the internal ISMS audits and Establishes suitable controls in the ISMS.
Manages Information Management systems to improvement initiatives.
Responsible for ensuring that all managers, process owners and supervisors develop and maintain their part of the process related to information and data security management systems.
Develop the information and data security goals and targets in the Organization’s and Sector’s strategic plan.
Responsible for supporting the development and maintenance of Information Management Systems / Standards.
Leads the design, implementation, operation and maintenance of the Information Security Management System based on the ISO/IEC 27000 series standards, including certification against ISO/IEC 27001 where applicable.
Reporting and Monitoring of the information security management system (including Risk Assessment, Risk Treatment, Info Security KPIs).
Liaises with, provides various stakeholders to develop mediation and corrective action plans to related governance functions throughout the organization as necessary, on information security matters such as routine security activities plus emerging security risks and control technologies.
Leads, performs or commissions information security risk assessments and assess the control environment of the business processes and applications under review, including both manual and automated processes in accordance with the information security program.
Assists both internal and external audits relating to information security as well as performing independent audits to validate completeness and accuracy of the information security program.
Leads or commissions the preparation, authorizes the implementation and revises the necessary information security policies, standards, procedures and guidelines, in conjunction with the appropriate Information Security Body in VIVA.
Leads the development and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies etc. and applicable laws and regulations.
Leads or commissions activities relating to contingency planning, business continuity management and IT disaster recovery in conjunction with relevant functions and third parties.
Leads or commissions suitable information security awareness, training and educational activities and material.
Academic Qualitifcation:
University Degree in Information Technologies or Telecommunications, or equivalent.
Professional Experience:
Minimum
8-10 yrs. IT / Telecommunications operations, service management,
Information / Data Security management, with min of 5 years of
full-time work experience in Information Security management and / or
related functions (such as IT audit and IT Risk Management).
In charge for implementation of an Information Security Management System certification against an international standard (ex. ISO 27001) in a telecommunication company.
Information security management qualifications (such as CISSP or CISM).
In charge for implementation of an Information Security Management System certification against an international standard (ex. ISO 27001) in a telecommunication company.
Information security management qualifications (such as CISSP or CISM).
Note: you will be required to attach the following:
1. Resume / CV
2. Passport-size photograph