Responsibility: Information Security

?Relationship Management - The Information Security Officer is responsible for managing the relationship between ISCD and Business Unit(s) ensuring that Business Unit(s) security controls are aligned to ESCRs requirements as appropriate.

?Risk Management - The Information Security Officer is responsible for ensuring information security risk is effectively identified and appropriately managed for his or her Business Unit(s).

?Program Management – The Information Security Officer will be responsible for the management of an ISCD program and will be tasked with managing program milestones throughout the year.

?Compliance/Exception Management - The Information Security Officer is required to support compliance activities related to his or her assigned Business Unit(s) as well as manage the approval process for security exceptions.

All certifications and other designations:
CISSP, CISA, CISM, and/or SANS GIAC preferred.

EXPERIENCE REQUIREMENTS:
Strong working knowledge of all Information Security domains including: network protection, policies, intrusion detection/prevention, access control, etc. Requires the ability to coordinate Risk Assessments, technical vulnerability assessments and/or external/internal audits. Strong writing skills in order to develop formal whitepapers, business cases, reports, and exceptions to the executive management team; reporting technical issues in business terms. Has good working knowledge of overall IT functions. Has strong knowledge of business operations, policies and practices. Translates ISCD strategy into action. Provides leadership across well-defined and homogeneous teams with moderate degrees of complexity. Requires Bachelor's degree with 8 years IT security-related experience, Master's degree and certifications such as CISSP, CISA, CISM, and/or SANS GIAC preferred.