Regional Information Security Officer (RISO) - ES

Konsento is searching a talented candidate for our client.

Our client is a global life-science company, with 50.000 employees all over the globe and with presence in 47 countries at the moment. 

The Regional Information Security Officer will be responsible for the implementation and running of IT Risk Management and cybersecurity strategy.

• Management of security control weaknesses and reporting on cybersecurity risks, supporting business goals.
• Being responsible for growing and running the regional information security program.
• Proactively working with business units to implement audits, measures and tools that meet global standards.
• Provide security oversight over the regional infrastructure delivery team(s) (IT Infrastructure Zone Support Team), ensuring embedding security in the operations of the team as well as new initiatives.
• Lead the information security function across the Region to ensure consistent and high-quality information security management in support of business goals, and in line with the Group Security Standards.
• Collaborate with Group Information Security team (i.e. apply group standards within the region, drive regional action plans,…) 
• Manage the Regional Information Security budget in collaboration with the regional Business sponsor and with Group Information Security.
• Be the hiring manager for own team and ensure senior business leadership buy-in for team composition/sizing.
• Perform information security risk assessments including the reporting and oversight of treatment efforts to address negative findings.
• Ensure that security is embedded in the project delivery process by providing the appropriate information security policies, practices, guidelines and necessary oversight.

• 7 to 10 years of relevant experience, including 5 years in a leadership role.
• Bachelor’s degree
• Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) certification preferred.
• Knowledge of Information technology infrastructure library (ITIL) (certification preferred) 
• Experience in establishing cybersecurity and risk metrics
• Excellent written and verbal English communication skills
• Experience with the information security management frameworks, such as ISO 2700x, ITIL and (COBIT) 

Please send your application in English.