Profession chief ICT security officer

Chief ICT security officers protect company and employee information against unauthorized access. They also define the Information System security policy, manage security deployment across all Information Systems and ensure the provision of information availability.

Would you like to know what kind of career and professions suit you best? Take our free Holland code career test and find out.

Personality Type

  • Conventional / Investigative

Knowledge

  • Decision support systems

    The ICT systems that can be used to support business or organisational decision making.

  • Information security strategy

    The plan defined by a company which sets the information security objectives and measures to mitigate risks, define control objectives, establish metrics and benchmarks while complying with legal, internal and contractual requirements.

  • ICT security standards

    The standards regarding ICT security such as ISO and the techniques required to ensure compliance of the organisation with them.

  • Audit techniques

    The techniques and methods that support a systematic and independent examination of data, policies, operations and performances using computer-assisted audit tools and techniques (CAATs) such as spreadsheets, databases, statistical analysis and business intelligence software.

  • ICT network security risks

    The security risk factors, such as hardware and software components, devices, interfaces and policies in ICT networks, risk assessment techniques that can be applied to assess the severity and the consequences of security threats and contingency plans for each security risk factor.

  • Organisational resilience

    The strategies, methods and techniques that increase the organisation's capacity to protect and sustain the services and operations that fulfil the organisational mission and create lasting values by effectively addressing the combined issues of security, preparedness, risk and disaster recovery.

  • Cyber security

    The methods that protect ICT systems, networks, computers, devices, services, digital information and people against illegal or unauthorised use.

  • ICT security legislation

    The set of legislative rules that safeguards information technology, ICT networks and computer systems and legal consequences which result from their misuse. Regulated measures include firewalls, intrusion detection, anti-virus software and encryption.

Skills

  • Ensure information privacy

    Design and implement business processes and technical solutions to guarantee data and information confidentiality in compliance with legal requirements, also considering public expectations and political issues of privacy.

  • Ensure compliance with legal requirements

    Guarantee compliance with established and applicable standards and legal requirements such as specifications, policies, standards or law for the goal that organisations aspire to achieve in their efforts.

  • Manage disaster recovery plans

    Prepare, test and execute, when necessary, a plan of action to retrieve or compensate lost information system data.

  • Lead disaster recovery exercises

    Head exercises which educate people on what to do in case of an unforeseen disastrous event in the functioning or security of ICT systems, such as on recovery of data, protection of identity and information and which steps to take in order to prevent further problems.

  • Manage IT security compliances

    Guide application and fulfillment of relevant industry standards, best practices and legal requirements for information security.

  • Implement corporate governance

    Apply a set of principles and mechanisms by which an organisation is managed and directed, set procedures of information, control flow and decision making, distribute rights and responsibilities among departments and individuals, set corporate objectives and monitor and evaluate actions and results.

  • Maintain plan for continuity of operations

    Update methodology which contains steps to ensure that facilities of an organisation are able to continue operating, in case of broad range of unforeseen events.

  • Ensure adherence to organisational ICT standards

    Guarantee that the state of events is in accordance with the ICT rules and procedures described by an organisation for their products, services and solutions.

  • Implement ICT risk management

    Develop and implement procedures for identifying, assessing, treating and mitigating ICT risks, such as hacks or data leaks, according to the company's risk strategy, procedures and policies. Analyse and manage security risks and incidents. Recommend measures to improve digital security strategy.

  • Monitor technology trends

    Survey and investigate recent trends and developments in technology. Observe and anticipate their evolution, according to current or future market and business conditions.

  • Utilise decision support system

    Use the available ICT systems that can be used to support business or organisational decision making.

Optional knowledge and skills

php smalltalk (computer programming) python (computer programming) manage staff train employees vbscript c++ perl objective-c sap r3 coffeescript coordinate technological activities typescript lisp cobol assembly (computer programming) sas language tools for ict test automation prolog (computer programming) ict encryption cyber attack counter-measures internet governance ict process quality models computer programming apl optimise choice of ict solution computer forensics visual studio .net ruby (computer programming) erlang common lisp scratch (computer programming) r world wide web consortium standards abap create solutions to problems ict system user requirements groovy matlab ict recovery techniques asp.net web application security threats java (computer programming) microsoft visual c++ openedge advanced business language internet of things ajax swift (computer programming) haskell c# javascript use different communication channels pascal (computer programming) software anomalies ml (computer programming) scala