Good Daily Rates
Information Security & Compliance Officer (ISCO)
ISAE 3402, ISO 27001, SOC 2, CISM, CRISC, CISA, CISSP, Information Security or TELECOM Industry in an EU Organisation
A major Information Technology provider requires an experienced Information Security & Compliance Officer (ISCO) liaison officer in an EU Organisation.
The ISCO is the primary EU customer contact for all security-related subjects at strategic and tactical level, such as security policy, compliance and risk management. It is a client-facing activity, related to a specific project or program. The ISO is the link between the business and security teams of the clients and the incumbent's security organization.
Protect the interests of the client relying on information, and protect the systems and communications that deliver the information, from harm resulting from failures of availability, confidentiality, integrity, authenticity and non-repudiation
Improve Information Security processes
Act as a trusted advisor for all security concerns
Align security strategy with client business goals taking into consideration allocated budgets
Set and enforce security policies and business continuity
* Monitor compliance with the security standard and policies and, if needed, set up an improvement plan.
* Risk assessment and implementation of adequate risk management and continuity assurance practices
* Interaction with the Customer Security Officer - Day-to-day support: technical advice, workshops, participation in Change Advisory Boards
* Management of relationships with security partners (internal to Customer)
* Monitoring of security services performance
* Provision of security compliance reporting
* Ensuring that all the Blueprints, detailed design solutions and implementation plans are compliant with Customer Policies
* Collection and analysis of the information (CERT, …) on potential IT Risks and threats which can impact Customer Business activities
* Recommendations, alerts and leading of crisis plans
* Collection and analysis of the information on potential risks and threats, which can impact the Services
* Knowledge of information security management
* Audit skills: being audited and running audits.
* Being able to run compliance exercises
* Knowledge of applicable laws (especially the privacy laws)
* Risk: analysis, management and mitigations
* Good communication skills with technical and CxO profiles
* Technical knowledge: Firewall, network, OS Security… Typically, a focus on the technology used for the client is needed.
* Project management (basic skill)
* Knowledge of security and audit standards: ISAE 3402, ISO 27001, SOC 2 (as standards are evolving, this must be adapted to the current requested standards)
* Understanding and evaluation of security threats.
* Vulnerability management.
* Business continuity and Disaster recovery
* Fluent in English
* Strong and proven consulting skills.
* Minimum 8 years related work experience in customer-facing organizations within the telecom or IT industry
The location of this role is flexible, based in the UK or EU.
A full job spec is available upon application.