Chief Information Security Officer

We are a leading firm driving initiatives and other industries digital transformation. As the Centre of Excellence for Infocomm Technology and Smart Systems (ICT & SS), we develop for our clients the capabilities in Data Science & Artificial Intelligence, Application Development, Smart City Technology, Digital Infrastructure, and Cybersecurity.

We offer you a purposeful career to make lives better where we empower our people to master their craft through robust learning and development opportunities all year round.

Join us to advance our mission and shape your future with us today!

Requirements;

We support various industries in carrying out ICT delivery services and appoints a Chief Information Security

Officers(ACISO) to oversee information security management within these industries. The ACISO is a leadership role that requires technical proficiency demonstrated in multiple cybersecurity domains. The role demands knowledge and/or practical experience in most of the domains below:

• Cybersecurity Governance frameworks,

•  Security Operations including incident response,

•  Architecture design and threat risk assessment,

•  Security Testing.

The ACISO must possess technical understanding of both on-premises infrastructure security and cloud security architectures across major platforms (e.g., AWS, Azure and GCP), including their native security features, identity management systems, and security control implementations.

What you will be working on

Emplaced industries and reporting to the firm’s Chief Information Officer (CIO), you will collaborate with various stakeholders, management, project teams, and outsourced vendors) and will be responsible to:

·   Lead the firm cybersecurity function in supporting agency digital transformation initiatives whilst ensuring digital resilience of agency systems.

·  Formulate and implement agency cybersecurity strategies, policies and work plans, ensuring continuous alignment with the firms business strategic goals.

·   Review and enhance risk management through threat-based risk assessments, risk mitigations, risk monitoring and reporting.

·   Provide consultation and endorse risk management and mitigation plans from agency’s project teams.

·   Govern and enhance the agency's security posture by maintaining visibility and oversight of ICT assets, security architectures, and cybersecurity operations code of practices.

·   Develop and maintain incident response plan and playbooks. This involves planning, designing and conduct of security incident response workshops and exercises (table-top exercises, simulation and drills) as well as lead the investigation and management of ICT security incidents.

·   Provide advisory and recommendations on appropriate cybersecurity technologies to be deployed that meets agency’s business requirements and aligned with WOG-wide advisories and practices.

·   Ensure secure by design ICT product development, and that security controls implementations comply with the defined security policies, standards and guidelines.

·  Develop and maintain effective cybersecurity awareness and training programmes

What we are looking for

·   Degree in Computer Science, Information Systems, Engineering or related Technology field

·  At least 8-10 years of management experience related to information security and solid grasp of ICT operations, security policies, business processes and the relationship between them.

·   Ability to work with multi-functional, multi-disciplined teams to formulate, institute real time awareness of security posture and baseline among end users.

·   Good interpersonal and partner/executive leadership skills.