Key Outputs
Provide input into the Group Information Security Strategy with associated programs and leading these within the respective business unit.
Engage directly with the CIO and other influential parties to execute the Group and Business Unit Information Security Strategy.
Regular engagement with the Business stakeholders ensuring that the Information Security Program and Strategy is aligned to business and systems developments.
Assist in the development of appropriate Information Security Policies, Standards and guidelines that are aligned to business outcomes and needs.
Identification and assessment of Information Security related risks, identification of controls implemented within the business and co-ordination and reporting of management actions to address shortcomings.
Assist with appropriate training and awareness programs or initiatives for all staff to inform them of their information security obligations.
Providing ongoing direction, guidance and support to the business on all information security related matters.
Regular reporting to and active participation on relevant forums and committees
Personal Attributes and Skills
Strong negotiation skills
Excellent knowledge of technology environments
The ability to articulate security in non-technical business impact terms
Excellent written and oral presentation skills, ability to lead discussions and present complex ideas to all levels within the organization
Business Writing Skills, Presentation and Facilitation Skills
Customer Service Orientation, Result Orientation, Negotiation skills
Personal organisation and time management skills
Time Management
Professional Communication (written, verbal/presenting and listening)
Interpersonal skills - Ability to build relationships with people from all different backgrounds and at different job levels
Education and Experience
Information Security Qualifications (CISSP, CISM, etc)
Related Degree / Diploma
10+ years' experience in the Information Security field across three or more domains
Working knowledge of and experience with Risk and Compliance
Working knowledge of applicable industry standards, legislations, etc