About the role
Responsible for supporting the Information Security Team in delivering the information Security strategy for AAM and aligning this with the Information Security strategy. Activities will include consulting on information security issues, monitoring compliance to information security policies and championing the global standards across the AAM business.
- Support the maintenance of the Information Security & Business Resilience control landscape
- Perform risk and application assessments to determine its importance and criticality
- Ensure appropriate Information Security & Business Resilience Policy and Standards are applied to meet regulatory requirements and protect information assets
- Participate in programs/projects/activities to improve Information Security at AAM
- Maintain related information in the tools and systems up to date
- Perform appropriate monitoring and reporting activities
- Ensure appropriate management information is provided to stakeholders
- Ensure the departments repository is up to date and accurate
- Resolve ad-hoc requests from (senior) management and other stakeholders
- Support the training & awareness activities for all personnel and specific target groups
- Support the 3rd party assurance processes
- Support the client assurance processes
- Continuously monitor processes, procedures, and systems for effectiveness and support changes and improvements, in line with information security needs
- Keep up to date with relevant developments in Information Security & Business Resilience and define knowledge gaps, to ensure the development and exchange of knowledge among the information security team
Qualifications and Skills:
- Bachelor’s degree with emphasis in Computer Science, MIS, Auditing, Finance or Business or equivalent education and experience required
- Minimum of 2 years of relevant work experience required
- Experience with compliance and information security
- Knowledge of software development life cycle
What you need to do now
- Experience with IT, Information Security, Risk or Compliance
- Good understanding of risk management frameworks
- Good understanding of technology (infrastructure, network, database, application controls, web-based; and information security)
- Good understanding of frameworks, E.G. IT, (ISO, NIST 800 COBIT) Compliance (CCPA, GPDR, Privacy, SOC 2), Info Sec Standards (ISC2, ISACA, ISO 27001, ISO 22301)
- Risk assessment/risk management skills.
- Good stakeholder management skills, with an ability to understand and communicate technical detail to a non-technical audience.
- Problem Solving, with the ability to undertake very complex tasks, including, but not limited to, analytical thinking and developing highly innovative solutions.
- Ability to coordinate and perform multiple tasks/projects simultaneously, balancing priorities and deliverables.
- Excellent time management and analytical skills.
- Ability to work in a global environment and with different cultures.
- Effective written and verbal communication skills at all levels of the organization.
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career. #1167158