Global Information Security Job Description
Global Information Security Duties & Responsibilities
To write an effective global information security job description, begin by listing detailed duties, responsibilities and expectations. We have included global information security job description templates that you can modify and use.
Sample responsibilities for this position include:
Global Information Security Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Global Information Security
List any licenses or certifications required by the position: CISSP, CISM, GIAC, CISA, OSCP, OSCE, QSA, PCI, SANS, CEH
Education for Global Information Security
Typically a job would require a certain level of education.
Employers hiring for the global information security job most commonly prefer that their future employee have a relevant degree, such as a Bachelor's and Master's Degree in Computer Science, Information Technology, Information Security, Information Systems, Engineering, Education, Business, Technical, Graduate, Management.
Skills for Global Information Security
Desired skills for global information security include:
Desired experience for global information security includes:
Global Information Security Examples
Global Information Security Job Description
- Facilitate the firm-wide information security and privacy internal audit program and help to ensure timely submission, tracking of issues, and facilitating remediation efforts
- Management of remediation tracking efforts for security and privacy related assessments, escalating issues where appropriate, and validating that plans are implemented in a timely and effective manner
- Cultivate a high-performing team of engaged leaders who will continue to evolve to address the information security needs of the company
- Create energy and enthusiasm at all levels of the information security organization
- Participating in the IT Risk Committee attended by senior IT directors and business representatives
- Serves as an internal information security consultant to KGS advising on operational control status
- Develops and maintains an operational information security plan and security calendar for KGS
- Supports the development, implementation, and management of operational standards and procedures to ensure they are aligned with information security policies, standards and compliance obligations
- Conducts operational audits to ensure compliance with control requirements
- Conducts operational risk assessments in partnership with the Information Security team, identifying operational risk and gaining agreement on mitigation strategy with KGS management and Information Security team
- Experience in complex and decentralized organizations and must be able to manage tasks through influence and relationships
- Experience managing decentralized risk aggregation, reporting, analysis and regulatory compliance programs
- Minimum six years of experience as an experienced security or audit professional including two years of experience within a corporate environment
- Prior experience in IT security and IT audit
- Knowledge of key principles surrounding Information Protection and Data Privacy
- Professional security or privacy qualifications such as CISSP and/or CIPP preferred
Global Information Security Job Description
- Promotes importance of security throughout KGS and participates in cross functional security forum
- Develops, agrees and reviews information security related performance objectives for management and staff
- Ensures information security is considered in all operational projects
- 40% - Global Information Security change management strategy, key message and presentation creation for the CISO and Security Program team
- Manage daily operations for information security management for entire enterprise
- Interfaces with peers in the End-User Computing, IT Infrastructure and Network organizations and with the leaders of the business to share the corporate security vision and to solicit their involvement in achieving higher levels of enterprise security
- Manage local Cyber reporting program that drives awareness and compliance of KRIs and KPIs
- Align with global Cyber regulatory engagement model to cover regulatory expectations on board accountability for cybersecurity
- Ensure adoption of Asset Management Information Security Policies and Standards in Asia
- Gains insight into projects with a security implication
- Master's Degree (Computer Science, Telecommunications or Engineering)
- 10+ years of progressive experience in Information Security/Technology Risk Management
- Professional certification in Information Security or IT Risk Management (CISSP, CISM, CISA) strongly preferred
- Strong technical knowledge of information security techniques, standards, processes, and architecture concepts including security operations, network architecture, platform security, application security and threat and vulnerability management
- Experience with system development, information security, information management and project management methodology
- Ability to develop and deliver effective user education sessions
Global Information Security Job Description
- Works with Project Managers throughout the organization
- Maintains and provides updates on project status
- Has responsibility for researching, collecting, prioritizing, documenting and communicating requirements gathered through various techniques
- Recommends alternatives based on business knowledge
- Develops relationships with business partners by demonstrating an intermediate level of knowledge of the business strategies and objectives as they relate to their processes, products, people and systems and by providing timely and accurate information between stakeholder groups
- Participates more broadly across the project life cycle starting with requirements through design, testing, implementation, including supporting design and testing, with accountability for specific deliverables
- Solicits & applies standards and best practices as defined by the BA Center of Excellence (CoE) and the Project Management Office (PMO) and is accountable for ensuring the application of those best practices
- Manages the Global Incident Response team and security incidents through the Security Incident Response process and tracks the activities of the various groups responsible for incident remediation
- Works with our Managed Security Services Provider (MSSP) to tune and update their correlation of events/incidents
- Manages off hour information security support staff
- Proven ability to build relationships, engage and influence others, work with a diverse internal and international user community, as well as to negotiate and build relationships with vendors
- Strong interpersonal skills, including demonstrated ability in applying sensitivity and professionalism when communicating across geographical and cultural boundaries
- Results oriented with the ability to work independently and as part of a team, managing multiple priorities within tight deadlines
- Ability to be flexible and adaptable when driving and dealing with change
- Demonstrate “body of knowledge” with industry best practices and ability to stay current in the Information Security domain
- Strong platform and application development skills
Global Information Security Job Description
- Ensure that all incoming alerts are analyzed, distributed and responded to appropriately
- Share team ownership of application security review and risk assessments in order to ensure risks are appropriately identified, controlled, validated, documented and remediated/accepted appropriately according to policy and business need
- Develop automated solutions to enhance and streamline existing incident response and events management workflow
- Manage and contact for business unit’s portfolio of information security initiatives to support their global business needs
- Interface and communicate with Information Security Risk Management (ISRM) and the Business Unit CTO/senior business leaders
- Support and drive the Information Technology (IT) Security strategy within the business unit
- Direct projects toward desired IT Security strategic goals and provide business solution design input to Information Security project prioritization
- Establish clear priorities and execute strategies for successful fulfillment of information security related projects for the business unit based on their costs, benefits, and alignment with long-term strategies and resources
- Identify opportunities and long-range security and risk improvement strategies within the business unit reports on progress for mutual success
- Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new risks or threats
- This is an opportunity for a seasoned risk and information services professional
- Excellent skills required for interacting with cross functional teams in different locations
- Ability to effectively communicate ideas and recommendations orally and in writing, at Division and Corporate levels, and to listen and consider ideas of others
- Ability to manage multiple tasks for multiple stakeholders which will need to be prioritized
- Ability to challenge the status quo, assess business risk and make appropriate decisions
- Understanding and/or qualification in IT Risk and Governance frameworks and standards
Global Information Security Job Description
- Collaborate across GISO, GTS and member firms to translate information security policy requirements and standards into sound and practical security standards, architecture decisions, designs and patterns at the network, application, platform levels (e.g., reference, conceptual, and logical) and to address/remediate identified information security issues
- Develop new information security related standards, processes, and procedures as needed (e.g., identifying and writing security hardening and configuration standards for various platforms and technologies)
- Perform information security risk assessment related activities and conduct security architecture and controls reviews to ascertain overall compliance with global information security requirements as needed
- Work closely with GISO and GTS enterprise architects to provide security oversight for proposed global technology standards
- Provide SME support for security product evaluation activities in relation to compliance with defined standards
- Monitors security blogs, articles, and reports and remains current on related laws, regulations, and industry standards to keep up to date on the latest security risks, threats, and technology trends; where relevant, notifies leadership to incorporate information into processes, procedures, and audit preparedness activities
- Analyses complex technology and operational risks to the enterprise and proposes appropriate controls to comply with relevant laws, regulations, and industry standards
- Provides project support for assigned security function
- Support the collaboration across GISO, GTS and member firms to translate information security policy requirements and standards into sound and practical global security standards and to address/remediate identified information security issues
- Support development of new information security related standards, processes, and procedures as needed
- Oversees team members to discuss current projects, workload and activities and prioritizes resources accordingly
- Candidate must currently be enrolled in an accredited 2- or 4-year college program, pursuing a degree in Liberal Arts, Information Security, Cyber Security, Project Management, or related field; however, all disciplines are encouraged to apply
- Must be local to Chicago area
- BS/BA degree in Computer Information Systems/Management Information Systems or related discipline or equivalent experience and 3-5 years related work experience in information security governance and/or related functions such as audit and risk management
- Excellent verbal and written communication skills to develop positive relationships and effectively communicate with employees, business partners and all levels of management
- Experience with information security management or quality frameworks desirable such as AT101 SOC 2, ISO, ITIL, CobiT, NIST and/or experience supporting regulatory and compliance programs