IT Security Lead

The Company's Information Security team isseeking a Business InformationSecurity 

Officer (BISO) / InformationSecurity Manager for our LATAM Digital ServicesJoint 

Venture.

RolePurpose

• Providethe security leadership and influence IT and business executiveswhilst ensuring the business and regulatory requirements aremet.
• Represent the Group CISO function asthe  Business Information Security Officer (BISO) /Information Security Manager and manage theInformation
• Security resources supporting theCompany's Digital Services venture.
• Providevisibility and insights on Security to the LATAMRISO.
• Build and effective relationship,partnering and supporting the C level executives on InformationSecurity matters.
• Manage and attend requiredCommittees, cyber governance meetings and regulatoryengagements.
• Assess and evaluate risk &control position against the KPI’s and information security riskmanagementframework.

Responsibilities:

Therole is focused on securing the Company's Digital Services businessunit. We are

looking for a Business InformationSecurity Officer / Information SecurityManager

with the skills to influence businessleadership, execute complex projects andguide

the IT teams regarding Information Securityrequirements.

The roles and responsibilities forthe position include but are not limitedto:

• Supporting the Group CISOportfolio delivery with oversight and escalation to ensure that allglobal security requirements are effectively rolled out in theCompany.
• 2. The Business Information SecurityOfficer / Information Security Manager is the primary technicalsecurity contact within the organization for security riskanalysis, gap identification, and mitigation/remediationactivities.
• Provide regular reporting oninformation security Key Performance Indicators (KPI), issues andrisks to the RISO and C Levelexecutives.
• Engage with key stakeholders toensure that processes and initiatives follow Company’s  global   and  regional   security  processes,   monitor  security policy/standards compliance, and ensureInformation Security strategy is understood andcommunicated.
• Acts  as   the  technical   subject  matter   expert  on   all  security   initiatives, leveragesexisting global, regional security technology and products to solveproblems, and assists the project teams with testing, deployment,and execution of new initiatives.
• Oversee,support and report on Company's Information Security incidents in collaboration with Global/Regional Security Operationsand the Privacy function.
• Support the internalsecurity awareness and training activities and providefeedback. 
• Oversee the internalThird-Party Cyber Risk Management program to support the  business   in  managing   the  information   security  risks   of  third-party relationships.
• Act astrusted advisor in the exception risk management process to includearticulating   risk  and   vulnerability  information,   determining mitigatingcontrols, and assist in remediation plandevelopment.
• Support the business duringinternal and external audits and with audit resolutions forinformation security related issues, ensuring that a process is inplace to address issues discovered through analysis and takingcorrectiveactions.

ExperienceRequirements:

• Experienceleading Latin America information securityrequirements.
• Bachelor’s degree in computerscience, Information Technology, Cyber  Security orsimilar
• Strong general security knowledgeacross all aspects of the NIST  CybersecurityFramework
• Demonstrated expertise in IncidentResponse and Incident Management.
• Anunderstanding of cloud services and cloud developmenttechniques.
• Communication skills including theability to develop and provide effective  presentations tovarious audiences, including non-technicalresources.
• CISM, CISSP, GIAC or Similarcertifications.
• Written/spoken Englishproficiency required.
• Ability to translatehighly technical information into plainlanguage.
• High level of analytical andproblem-solving abilities.
• At least 10 years ITexperience, working in a technical discipline.
• 5-10 years working experience in InformationSecurity.
• At least 3 years’ experience workingin a senior technical role.