Chief Information Security Officer (Cyber Security)

For a prominent company on the island, we are looking for a Chief Information Security Officer (CISO) who shall report directly to the Executive Management Team.

The company is the only player in their field on the Island and tasked with safeguarding an essential operation having daily processes which must be fail prove to avoid national calamities.
This function is an internal position and will not be outsourced or performed by a third party.

Purpose of the function
The CISO shall head the team responsible for managing the information security of the entire operation and all business IT systems, including but not limited assessing security vulnerabilities, establishing procedures to monitor, identify and mitigate risks/threats. It must be ensured that all assets and platforms/systems/frameworks are resilient to (cyber) attacks and able to recover to normal levels of services as quickly as possible.

Duties & Responsibilities

• Leads and is process owner of the information security strategy companywide;
• Develops procedures and policies to maintain systems secure, monitor for potential threats, prevent attacks and adequately respond to information security related incidents;
• Is responsible for the development of the information security/policies and strategy in short and midterm planning;
• Makes a budget proposal for information security projects, tasks and investments;
• Gives support and advice to the organization (all departments) regarding information security related systems;
• Develops and executes IT and Data Security strategies enhancing the reliability and security of the systems, projects and underlying data;
• Performing information security risk assessment (including penetration tests) and advice/coordinate the implementation of risk mitigations and controls;
• Develops and implements an information security management system (e.g. ISO 27001 standards) including its policies/procedures, controls, incident reporting;
• Plans and executes vulnerability assessment, penetration testing and/or security audits and investigations;
• Investigate and report on information security incidents, issues or irregularities and advice on recommendations for mitigation and/or improvement.

Competencies

• Minimum bachelor’s degree in computer science or other technology field;
• Minimum of 5 years work experience in Information security;
• Certification information security (e.g. CISSP, CISA, or CISNJ) is highly preferred;
• Knowledge of ISO 27000 and divers compliance frameworks highly preferred;
• Strong knowledge of communications, navigation and/or surveillance systems;
• English, Spanish both verbal and in writing are essential;
• Highly analytical, punctual and pro-active;
• Strong managerial skills and a team player;
• Stress resilient.

Company offers

• A reputed organization and work environment performing at the highest international standards;
• Continuous professional development and ability to specialize through trainings and certifications, especially in the field of Cyber Security;
• A crucial part of the team with high levels of responsibility and ownership to make a difference;
• Competitive salary and benefits.

In case you are interested in this position please send your CV and Motivation to Starting date of the position will be January 2025.
Please note that skill and/or psychological assessments will be part of recruitment process.

International candidates are welcome to apply.