Information Security Officer

Job Description

Information Security Officer

Key Responsibilities:
- Perform security assessments for vendors and projects, identifying risks and recommending mitigation strategies.
- Ensure compliance with security policies and standards in all vendor and project activities.
- Develop and maintain frameworks for security assessments.
- Stay updated on emerging security threats and industry trends.
- Participate in incident response and investigations.
- Collaborate with procurement to evaluate and manage vendor security.
- Review vendor documentation to assess security posture.
- Apply risk management principles to prioritize and mitigate security risks.
- Support the development and enforcement of security policies and procedures.
- Conduct security awareness training for staff.

Skills and Experience:
- Over 5 years of information security experience.
- Preferred certifications: CISA, CISM, or CISSP.
- Strong knowledge of security principles, standards (e.g., ISO 27001, NIST), and best practices.
- Experience in security assessments and risk management.
- Familiarity with regulatory requirements (e.g., GDPR, CCPA) is a plus.
- Strong analytical and problem-solving skills.
- Excellent communication skills.
- Ability to work independently and in a team.
- Detail-oriented with a commitment to high-quality standards.