Dvp, Ciso

Job Description

Lead IT security sub-function and provide input to and lead the implementation of functional strategy to provide information and system security, effective IT disaster recovery and information technology support to general company disaster recovery and business continuity in line with overall Group business strategy and functional objectives, and Group guidelines and policies. Lead the sub-function on a global/group level. Establish and implement strategies that have short to long-term (1-5 years) impact on business results in alignment with global and functional objectives.

The incumbent will be expected to:
- Formulate the IT security strategy in line with business strategy and functional objectives, corporate guidelines and policies
- Direct planning and implementation of IT security plans and measures as well as budgets to achieve defined results
- Lead coordination and control highly strategic projects and initiatives across division to deploy and enforce protocols for information and system security in a cost-effective, efficient and timely manner
- Drive development, implementation, testing and reviewing of IT security tools and procedures in order to guarantee disposability, privacy and integrity of information
- Provide direction and devise comprehensive controls and procedures to protect division-wide information systems assets from intentional or inadvertent modification, disclosure or destruction
- Establish and deploy security systems and methods to prevent others from infiltrating company information or jeopardizing systems or programs
- Drive and establish mechanisms for physical protection of information systems assets to other functional units
- Steer designing and implementation of disaster recovery plans and processes
- Determine and enforce appropriate firewall standards and criteria
- Design, implement and audit security policies to control access to systems and systems for providing security clearance and authorizations
- Devise procedures to appropriately identify, manage and communicate security risks
- Advise and provide specialized consulting for complex projects on IT security aspects such as design and implementation of security controls, identification and solution of security gaps, etc. Introduce and embed world class IT security processes, protocols and practices.