Beschreibung
Tasks:• Assure the design of enterprise architecture including infrastructure, application,
integration, and digital strategies
• Define the process for Business Impact Assessments and Privacy Impact Assessments
• Institute a Compliance Framework including implementation, communication, training and awareness activity in response to identified risk
• Support recruitment of ioki’s information security lead who will need to:
o Build strong relationships within the business to develop understanding of security related compliance factors
o Develop understanding of information security and data protection
o Work with leadership team to promote good compliance practice that are essential to the reputation, safety, security and financial prosperity of
o Assure the design of ioki’s enterprise architecture including infrastructure, application, integration, and digital strategies
o Ensure that implements compliant and consistent security standards across the solutions and services it delivers to partners, clients and customers
o Manage and evolve the process for Business Impact Assessments and Privacy Impact Assessments. Provide risk and vulnerability assessments to the business and support the development of projects as necessary
o Manage and evolve the Compliance Framework including required implementation, communication, training and awareness activities in response to changes to identified risks
o Provide business support in, ensuring compliance whilst playing a supportive role in ensuring being well prepared for compliance / audit exercises
o Subject to requirement, interact with external compliance and regulatory bodies on Cyber and Information Security.
Skills:
Certified as an ISO27001 Lead Implementer/ Auditor, strong knowledge in supporting regulatory frameworks and Data Protection/ Privacy, very strong Policy Framework experience
• Proven and referenceable experience as an information security, risk and compliance specialist, designing, implementing and supporting / operating information security management systems and processes
• In depth experience in information security, privacy and compliance and policy
frameworks and working with colleague to deliver and design/implement pragmatic
controls designed to support ioki business functions in a large and complex multi-supplier/ multi-platform / SaaS environment
• Knowledge of all areas of Information Security, including: Cyber Security for Digital
technologies; Identity and Access management; Authentication and Single Sign On;
Authorization; Audit; Data protection and Privacy; Security administration; Risk
Management and Assurance; Security Management. Experience in Payment Card Industry Data Security Standards and knowledge of new and forthcoming regulations including General Data Protection Regulation and the Network and Information Systems Directive
Start & Duration:
from March 2018 till end of 2018