Start your job search

Manager Information Security Policy Standards

Job Title

Manager, Information Security Policy & Standards

Reports To

Senior Manager, Information Risk & Security

Division

Information Technology

Department

IT - IT Stratgey & Governance

Role Purpose

* Responsbile the implementation, operation and maintenance of the Information Security Management System (ISMS) as mandated by government for all Critical National Information Infrastructure (CNII)

Key Accountability

* Establish Information Security Management System (ISMS) based on the ISO/IEC 27001 in order to ensure sufficient security controls are implemented to protect information assets

* Develop and make relevant Corporate Information Security Policy (CISP), standards and guidelines that direct the selection, implementation and secure usage of information technology within the enterprise

* Perform information security risk assessments and assess the control environment of the business processes and applications under review, including both manual and automated processes in accordance with the information security program

* Develop remediation and corrective action plans with related governance and operational functions such as Physical Security/Facilities, Risk Management, IT, HR, Legal and Compliance

* Lead the development of related compliance monitoring and improvement activities to ensure compliance both with internal security policies and applicable laws & regulations

Qualification & Working Experience

*

Degree in Information Technology, Information Management, Engineering, Computer Science or equivalent with 7 years experience in managing Information Security or IT organization or

*

Certificate in ISO/IEC 27001 Information Security Management System (ISMS) Lead Implementer certification

Skills & Knowledge

* Sound knowledge in information security and risk management framework

* Knowledge in information security risk assessment

* Excellent Communication & Interpersonal skills

Key Challenges

* Evolving Information threats targeting businesses

* Staff ignorance and lack of awareness in information security

* Increasing business outsourcing where business & customer information are in multiple legal jurisdiction & managed by various parties

I would like to apply for the post of Manager Information Security Policy Standards bases at your esteemed organisation. I have attached my CV.

CV:

I agree to Terms and conditions* and Privacy Policy* and Site Usage Policy*

I don‘t want to receive regular notifications (in a form of newsletters) on new/featured Job Listings sent to my e-mail.