Regional – Information Security Specialist (EMEA)
The Information Security Specialist is responsible to safeguard company information system assets by identifying and remediating potential and actual security threats, vulnerabilities and weaknesses.
This person will take full responsibility for the regional company information system security including defining the security strategy as well as developing and implementing the information security roadmap in alignment with the central global IT strategy & Policies. The successful incumbant will report directly to the CIO.
- Provide direction and consultation on information security and compliance.
- Creation, maintenance and socialization of security policies, procedures and standards in alignment with global policies, procedures and standards.
- Develop a local information security risk assessment framework to accurately assess all internal and external threats and vulnerabilities in accordance to the DSV security policy
- Inform local users about security measures, explain potential threats & implement security measures in accordance to the company security policy.
- Safeguards information system assets by identifying and solving potential and actual security problems.
- Establish and implement an information security governance framework commensurate with the assessed information security risk facing the business.
- Perform regular information security assessments & attestations, compliance reviews and information security audits with associated management reporting with a view towards continuous improvement.
- Create and institute measures to safeguard sensitive information within the local company computer network in alignment with central policies & procedures.
- Perform penetration and other intrusion tests on the IT network to identify potential weaknesses.
- Identify and drive information security improvement initiatives in response to identified threats, vulnerabilities and weaknesses.
- Monitor and analyze information security performance and compliance reports and escalate issues as needed.
- Protects local system by defining access privileges, control structures, and resources.
- Recognizes problems by identifying abnormalities; reporting violations.
- Implements security improvements by assessing current situation; evaluating trends; anticipating requirements.
- Determines security violations and inefficiencies by conducting periodic audits.
- Keeps stakeholders informed by preparing performance reports; communicating security status.
- Maintains quality service by following organization security standards.
- Serve in an advisory role in application development and infrastructure projects to assess security requirements and controls and ensure that security controls are implemented as planned.
- Develop and deliver IT risk & security awareness and compliance training programs in the business.
- Build and maintain relationships with operational and sales organizations to understand and anticipate internal and external customer needs and market demand
- Stay abreast with developments and best practice in IT Security as a profession
- Stay abreast with country security regulations and ensure adherence to any country specific regulatory requirements
- Work closely with client project implementation teams to provide security guidance and to identify, assess and mitigate potential information security threats and vulnerabilities.
- Provide support with completion of tenders on security matters
- Advanced, demonstrable skills with 5+ years’ experience in a senior information security role with a strong focus and understanding of all information security related threats facing big business today.
- Ability to operate at technical and strategic level, both internally and with clients.
- Good interpersonal, written, and oral communication skills, from technical to strategic level.
- Able to prioritize and execute tasks in a high-pressure environment
- Experience working in a global context across time zones and countries and as a part of virtual teams.
- Experience working within a global IT governance framework.
B.Com Informatics / BSc Informatics / Computer Sciences Degree or 3-year IT Diploma.
Relevant Information security related certificates / courses.
- Analytical Skills (e.g., Storing Information & Managing Data, Learning and Following Procedures)
- Business Process Modeling Skills
- Applied Learning / Functional Knowledge and Skills (e.g., Using Computer Skills, Maintains Industry Awareness/Industry Knowledge)
- Interpersonal Communication and Language Skills (e.g., Listening to Others, Speaking to Others, Reading, Writing)
- People and Relationship Management Skills (e.g., Demonstrating Teamwork, Sensitivity to Others)
- Change Management Skills (e.g., Learning Agility, Adapting to Change)
- Personal Motivation (e.g., Demonstrating Enthusiasm and Energy, Drive to Achieve Goals)
- Quality and Service Skills and Orientation (e.g., Valuing Quality, Focusing on Details)
- Quantitative Reasoning Skills (e.g., Using Basic Math)
- Self-Management Skills (e.g., Dealing with Stress, Maintaining Composure)
- Work Orientation (e.g., Behaving with Integrity, Being Dependable)
- System Administration
- Network Architecture & Security design
- Firewall Administration
- N+ and Security+ certification, Cisco CCIE, CCNP or related certification
- Other security related qualifications like CEH, GPEN
- .Net Exposure advantageous
- Banking background/exposure advantageous
- Premier cyber security specific certifications like (ISC)2, CISSP or ISACA CISM
- Own Vehicle,
- Ability and willingness to work long hours at times
- Ability to work independently and function under pressure
South African Citizens will ONLY be considered for this role.
Salaries are modeled on a Cost To Company principle. CTC packages comprise a Cash Component + compulsory Retirement Funding (employee can select contribution level: 10 / 15 / 20%) + voluntary Discovery Medical (deducted from cash component, if chosen). CTC excludes the discretionary annual bonus / incentive scheme payouts.
Should you not receive a response within 2 weeks from aplying please consider your application unsuccessful.