Provide assistance and input into the VG Information Security Strategy, Function and Operations.
Engage with VG COO and CIO and departmental heads to ensure that the Information Security Program is aligned to business and systems developments.
Develop VG specific policy, standards and process that is aligned to the VG Strategy.
Identify and assess VG Information Security related risks, identification of controls implemented and the co-ordination and reporting of management actions to address.
Assist with appropriate training and awareness programs or initiatives for all VG staff.
Provide regular reporting and active participation in relevant information security forums and committees.
Provide operational oversight on security controls to address cyber threats.
Manage and maintain a working relationship with TI Infosec operations teams, VG security architects, development, network, server and web teams.
The primary purpose of this role is to serve as a senior security specialist within the Vitality Group Information Security structure. This individual works closely with the Vitality Group Information Security Manager to serve as a 2IC and backup. This role includes responsibility for Information security strategies and programs, policies, security risk management, assurance, security architectural guidance/vetting and the delivery of internal security consultation services to Vitality Group business, IT, and partner markets. The role also includes leading and managing the security governance for Vitality Group. The role also includes the responsibility for managing Security Operations, providing review and oversight to a number of security controls, and providing operational insight to address the management of cyber threats. This is hands-on position, which will require strong technical expertise in many security technologies.
Responsibilities and Duties
Challenging Aspects of the job
Ability to deal with a constantly changing technology landscape and complex regulatory requirements related to data privacy.
Ability to protect information assets according to their appropriate business value
Keeping abreast with adversaries’ threat vectors and their exploitation methods across the various threat landscapes.
Managing business requirements in relation to information security incumbents
Encountering individuals with different approaches in dealing with challenges
Required Experience, Skills and Qualifications
A Bachelor’s Degree in a related area such as Computer Science, Information Security and Risk Management.
5+ Years IT , Information Security and Risk Management.
Information Security industry-standard certifications such as CRISC, CISA, CISM or CISSP would be advantageous.
Knowledge of information security governance frameworks and standards eg. COBIT, ISO Series, NIST etc.
Experience in a broad range of security technologies/products, standards and methodologies.
Experience in the development of security plans, strategies, roadmaps, methodologies and frameworks.
Job Type: Contract