Information Security Manager at Simpplr developing, implementing, and managing security policies and procedures. Overseeing security systems and leading incident response while ensuring compliance with industry standards.
Responsibilities
Develop, implement, and maintain security policies, procedures, and guidelines to protect information assets and to ensure compliance.
Assess system vulnerabilities, identify security risks, and implement risk mitigation strategies. Ensure that the risk register is kept up to date.
Ensure that all IT systems are up to date with required patches and configuration, and that required controls are in place to manage and monitor corporate devices.
Manage and respond to security incidents, conduct investigations and coordinate recovery efforts.
Ensure the organization adheres to industry standards and relevant regulations, and conduct regular security audits and security committee meetings.
Closely collaborate with internal and external parties to manage internal and external audits towards successful ISO 27001, ISO 27701 and SOC 2 certifications.
Data Privacy Framework: Ensure compliance with Data Privacy Framework.
Develop and deliver security awareness training to educate employees on best security practices and policies.
Manage and support vendor onboarding process including vendor evaluation and security assessment.
Requirements
10+ years of experience in IT with a focus on information security.
Prior experience with managing and orchestrating security audits and certifications (ISO 27001, ISO 27701, SOC 2 at a minimum).
Prior experience with policies and procedures management.
Knowledge of controls related to the use, processing, storage, and transmission of data.
Proficiency in identifying, assessing, and mitigating security risks and maintaining the risk register.
Leadership & Management: Ability to lead and manage IT and information security programs.
Effectively communicate security risks, policies, and procedures to stakeholders and employees.
A bachelor's degree in cybersecurity, computer science, or a related field.
BISO responsible for planning and executing enterprise-wide information security initiatives at Elsevier. Driving cybersecurity awareness and managing technical risk assessments for organizational improvements.
Develop innovative Cloud architectures on Microsoft Azure platforms. Secure cloud infrastructure and applications against various threats while working in a project team.
Mid-level Asset Security Analyst at Hershey Brasil, responsible for physical security support and management of security services. Will work on compliance and crisis management in São Roque.
Regional Information Security Officer managing security protocols and compliance for KARL STORZ. Leading local ISOs and enhancing information security measures across subsidiaries.
CISO managing information security and privacy governance at Puzzel, a leading cloud-based contact center provider in Europe. Engaging with stakeholders for compliance and risk management.
Manager of IT Support & Endpoint Security overseeing service desk operations and endpoint security strategies. Leading a team to deliver high-quality technical support and manage IT security policies.
Senior Security Officer responsible for security and safety duties in acute care settings. Providing armed presence and response, coordinating with law enforcement as required.
Security Officer overseeing sensitive information protection and compliance with regulations. Collaborating with internal teams to ensure security policy implementation and risk management under EU standards.
Technical consultant addressing information security risks for USAA and guiding strategic security direction. Leading peers in assessing security strategies and educating on best practices.