Profession chief ICT security officer

Chief ICT security officers protect company and employee information against unauthorized access. They also define the Information System security policy, manage security deployment across all Information Systems and ensure the provision of information availability.

Would you like to know what kind of career and professions suit you best? Take our free Holland code career test and find out.

Personality Type

Knowledge

  • ICT security legislation

    The set of legislative rules that safeguards information technology, ICT networks and computer systems and legal consequences which result from their misuse. Regulated measures include firewalls, intrusion detection, anti-virus software and encryption.

  • Information security strategy

    The plan defined by a company which sets the information security objectives and measures to mitigate risks, define control objectives, establish metrics and benchmarks while complying with legal, internal and contractual requirements.

  • ICT security standards

    The standards regarding ICT security such as ISO and the techniques required to ensure compliance of the organisation with them.

  • Cyber security

    The methods that protect ICT systems, networks, computers, devices, services, digital information and people against illegal or unauthorised use.

  • ICT network security risks

    The security risk factors, such as hardware and software components, devices, interfaces and policies in ICT networks, risk assessment techniques that can be applied to assess the severity and the consequences of security threats and contingency plans for each security risk factor.

  • Audit techniques

    The techniques and methods that support a systematic and independent examination of data, policies, operations and performances using computer-assisted audit tools and techniques (CAATs) such as spreadsheets, databases, statistical analysis and business intelligence software.

  • Decision support systems

    The ICT systems that can be used to support business or organisational decision making.

  • Organisational resilience

    The strategies, methods and techniques that increase the organisation's capacity to protect and sustain the services and operations that fulfil the organisational mission and create lasting values by effectively addressing the combined issues of security, preparedness, risk and disaster recovery.

Skills

  • Lead disaster recovery exercises

    Head exercises which educate people on what to do in case of an unforeseen disastrous event in the functioning or security of ICT systems, such as on recovery of data, protection of identity and information and which steps to take in order to prevent further problems.

  • Ensure compliance with legal requirements

    Guarantee compliance with established and applicable standards and legal requirements such as specifications, policies, standards or law for the goal that organisations aspire to achieve in their efforts.

  • Ensure adherence to organisational ICT standards

    Guarantee that the state of events is in accordance with the ICT rules and procedures described by an organisation for their products, services and solutions.

  • Manage IT security compliances

    Guide application and fulfilment of relevant industry standards, best practices and legal requirements for information security.

  • Implement ICT risk management

    Develop and implement procedures for identifying, assessing, treating and mitigating ICT risks, such as hacks or data leaks, according to the company's risk strategy, procedures and policies. Analyse and manage security risks and incidents. Recommend measures to improve digital security strategy.

  • Utilise decision support system

    Use the available ICT systems that can be used to support business or organisational decision making.

  • Implement corporate governance

    Apply a set of principles and mechanisms by which an organisation is managed and directed, set procedures of information, control flow and decision making, distribute rights and responsibilities among departments and individuals, set corporate objectives and monitor and evaluate actions and results.

  • Monitor technology trends

    Survey and investigate recent trends and developments in technology. Observe and anticipate their evolution, according to current or future market and business conditions.

  • Maintain plan for continuity of operations

    Update methodology which contains steps to ensure that facilities of an organisation are able to continue operating, in case of broad range of unforeseen events.

  • Ensure information privacy

    Design and implement business processes and technical solutions to guarantee data and information confidentiality in compliance with legal requirements, also considering public expectations and political issues of privacy.

  • Manage disaster recovery plans

    Prepare, test and execute, when necessary, a plan of action to retrieve or compensate lost information system data.

Optional knowledge and skills

train employees ruby (computer programming) sap r3 swift (computer programming) perl internet governance apl pascal (computer programming) web application security threats python (computer programming) ict system user requirements cobol world wide web consortium standards asp.net coffeescript ict process quality models c# matlab typescript cyber attack counter-measures javascript ict encryption create solutions to problems tools for ict test automation abap r vbscript scratch (computer programming) php microsoft visual c++ objective-c lisp prolog (computer programming) smalltalk (computer programming) scala sas language ajax coordinate technological activities common lisp erlang groovy ml (computer programming) computer programming software anomalies visual studio .net computer forensics assembly (computer programming) use different communication channels java (computer programming) optimise choice of ict solution haskell internet of things c++ manage staff ict recovery techniques openedge advanced business language

Source: Sisyphus ODB