Security Risk Manager
Ensure that security risks do not exceed the organization's risk appetite by identifying risks in a timely manner, maintaining the security risk register, assessing risks, driving risk mitigation, and monitoring and reporting on progress.
* Identify risks and perform/facilitate risk assessments.
* Drive mitigation of risks; propose mitigating controls in accordance with sector risk appetite and drive implementation and use.
* Maintain the sector security risk register and periodic reporting; maintain clear oversight of the status of current security controls for the sector.
* Stakeholder management; ensure awareness and ownership of risks/mitigations.
* Ensure compliance with security policies and standards.
* Alignment with IT security department on IT infrastructure security.
* Keep up with relevant international legislation, emerging threats, forecasts, policies and benchmarks.
* Master's degree or equivalent combination of education and experience (e.g. in a technical area, business administration, industrial engineering).
* Information security risk management qualifications like CISSP, CISA or CISM.
* Minimum of 5 years of relevant experience in information security risk management.
* Proven experience with the ISO27001/2 risk management framework/control.
* Proven experience in the IT security domain.
* Knowledgeable about multiple laws and regulations, e.g. GDPR and US export regulations.
* Relationship builder; able to create and maintain a trusted network on all levels.
* Strong analytical skills.
* Proactive and self-motivated, with a proven ability to drive results.
* Pragmatic, hands-on mentality, motivated by realizing goals rather than personal acknowledgement.
* Able to give direction, plan and prioritize.
Michael Bailey International is acting as an Employment Business in relation to this vacancy.