Information Security Senior Specialist

For this contract position as an INFORMATION SECURITY SENIOR SPECIALIST, you will be responsible for identifying potential information and network security vulnerabilities. This candidate will develop and execute security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, E-commerce and web-based systems.

DUTIES WILL INCLUDE, BUT NOT LIMITED TO, THE FOLLOWING:

- Researching attempted or successful efforts to compromise security and designing countermeasures
- Maintaining hardware, software and network Firewalls and encryption protocols
- Administration of security policies to control physical and virtual access to systems and provides training on security solutions
- Maintenance of all ISMS policies, procedures and relevant standards and supporting documentation as directed
- Scheduling and documentation of all meetings (eg Agenda and Minutes)
- Coordinate the production of all relevant reports and statistical analysis required for Annual ISMS Management Review meetings
- Maintain and update content of ISMS Action Logs (eg Security Incident Log, Security CA/PA Log, Documentation Reviews)
- Overseeing progress of Action log activities assigned
- Maintaining Information Risk Assessment
- Scheduling, monitoring and reporting on Security Awareness Training and Induction Training for all staff within scope of the ISMS
- Scheduling and reporting on Security Forum Meetings including all supporting documentation (eg Agenda and Minutes)
- Supporting Audits of compliance of ISMS Requirements
- Acting as Liaison between External Audit Bodies and Customers for all Internal, External and Third-Party Auditing activities
- Assessment of adequacy of IFS Division Operational Security Procedures
- Undertaking annual risk assessments within scope of the ISMS based on the documented risk methodology
- Documentation of acceptance of risks where appropriate with the risk owner
- Documentation of agreed-upon transfer or avoidance of risks where appropriate with the risk owner

REQUIRED QUALIFICATIONS:

- Bachelor's Degree in Information Systems or the equivalent in the form of experience
- Ability to develop, create and implement processes that may be complex and/or cross team and organizational boundaries.
- Ability to create and maintain effective documentation, including policies, processes and procedures
- Understanding of Information Security technologies
- Understanding of Information Security controls
- Excellent organization skills
- Ability to prioritize workload in order to meet commitments
- Strong communications skills, both verbal and written, as well as the ability to communicate well with people in a variety of positions, roles and levels

PREFERRED:

- Knowledge of Export Control
- CISSP Certification
- An understanding of ISO27001